Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv (https://www.trojaner-board.de/121445-gvu-trojaner-sperrt-computer-trotz-kaspersky-rescue-noch-aktiv.html)

Lizzie87 07.08.2012 02:54
GVU Trojaner (sperrt Computer) und ist trotz Kaspersky Rescue noch aktiv
 
Hallo zusammen,

ich bin neu hier, weil ich mir den GVU-Trojaner eingefangen habe und ihn bisher noch nicht selbst beseitigen konnte. Ich habe schon oft durch euer Forum gestöbert und es war immer sehr hilfreich also wende ich mich nun hoffnungsvoll an euch.
Ich würde mich sehr freuen, wenn mir jemand helfen könnte

Ich habe Windows 7 - 64 bit.
Ich habe Avast, es war aber zu dem Zeitpunkt deaktiviert. Werd ich in Zukunft nicht wieder riskieren...
Anmerkung: Ich hatte/habe auch den Windows sality Virus.

Im Folgenden versuche ich die Problematik so genau es geht zu beschreiben.
Ich habe wie bereits erwähnt den sogenannten GVU-Trojaner (hat sich von selbst auf meinen PC geladen), der ein unschließbares Fenster öffnet mit einer Warnung, dass mein Computer gesperrt wurde und ich 100€ zahlen soll um einem Strafverfahren zu entgehen oder so ähnlich. Er zeigt meine IP und meinen Wohnort an und ich glaub sogar ein Webcambild.
Man kann weder Taskmanager öffnen noch sonst etwas, wenn das Fenster sich öffnet. Dieses öffnet sich NUR, wenn der Computer Internetzugang hat.

Was habe ich bisher versucht?
- Avast Scan und Reparatur
- Kaspersky Rescue Disk beim booten. Der fand auch einiges, ich habe nach Empfehlung Sachen desinfiziert oder in Quarantäne verschoben

alles ohne Erfolg.

Dann habe ich den vollständigen Malwarebytes Anti-Malware Scan durchgeführt und alle Schädlinge (es waren 2) entfernt. Ich hatte nicht die Möglichkeit die beiden Dateien in Quarantäne zu verschieben.


REPORT
Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.03.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: *** [Administrator]

07.08.2012 02:06:07
mbam-log-2012-08-07 (03-08-57).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|H:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 464423
Laufzeit: 1 Stunde(n), 1 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\***\Downloads\mist\microsoftoffice2010germanlanguagepackx86xiso.exe (PUP.Adware.MediaGet) -> Keine Aktion durchgeführt.
D:\khjka.exe (Malware.Packer.Gen) -> Keine Aktion durchgeführt.

(Ende)

Dann hier noch meine OTL.txt
Ich hoffe, das ist ok, dass ich nicht anonymisiert habe. Ich heiße Lisa. So nun wissens alle.

Code:
OTL logfile created on: 07.08.2012 03:22:18 - Run 1
OTL by OldTimer - Version 3.2.56.0    Folder = C:\Users\Lisa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 54,92% Memory free
7,83 Gb Paging File | 5,64 Gb Available in Paging File | 71,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,00 Gb Total Space | 13,10 Gb Free Space | 6,55% Space Free | Partition Type: NTFS
Drive D: | 246,68 Gb Total Space | 112,45 Gb Free Space | 45,59% Space Free | Partition Type: NTFS
 
Computer Name: LÄPPI | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.07 02:38:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- D:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- D:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware 2.2\mbamservice.exe
PRC - [2012.05.18 22:55:02 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.20 15:23:00 | 000,054,432 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.07.12 17:10:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011.07.12 17:10:28 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011.07.07 16:44:12 | 000,183,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2011.07.07 16:44:12 | 000,066,696 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2011.06.17 22:02:56 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.06.17 22:02:41 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 11:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.03.15 15:44:30 | 000,428,384 | ---- | M] (Sony Corporation) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.14 14:51:51 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0018dd52b56988a833ee41699cf49325\IAStorUtil.ni.dll
MOD - [2012.06.14 13:48:42 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.14 13:48:37 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.05.12 12:37:01 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e7cd67fc34ad0fc611c1e1244cfc6584\IAStorCommon.ni.dll
MOD - [2012.05.11 10:35:55 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.11 10:35:15 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012.05.11 10:35:11 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.11 10:35:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.11 10:35:07 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.11 10:35:03 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.12.27 23:45:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc -- (McMPFSvc)
SRV:64bit: - [2011.12.22 08:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.11.30 18:49:50 | 000,260,768 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV - [2012.07.22 20:12:54 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware 2.2\mbamservice.exe -- (MBAMService)
SRV - [2012.05.18 22:55:02 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.02.28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Programme\Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.01.31 16:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.20 15:23:00 | 000,054,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2012.01.13 10:41:36 | 001,256,040 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer 7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.07.15 17:43:38 | 000,969,352 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2011.07.13 11:14:44 | 000,552,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2011.07.12 17:10:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011.07.12 17:10:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011.07.12 17:10:28 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011.07.07 16:44:12 | 000,066,696 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2011.07.05 22:27:00 | 000,199,272 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV - [2011.06.17 22:02:56 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.06.17 22:02:41 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.06.16 22:51:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.05.19 20:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2011.05.02 15:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.05.02 15:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011.05.02 15:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.04.21 10:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011.04.21 09:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2011.03.15 15:44:30 | 000,428,384 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2011.03.01 22:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.02.18 23:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2011.02.18 23:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2011.01.20 13:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.01.20 13:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.05.20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.07.23 00:16:42 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.10 21:28:16 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.12.22 09:30:24 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.12.22 08:12:40 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.12.01 11:42:44 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:64bit: - [2011.12.01 11:42:44 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2011.11.11 16:24:56 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.08.23 11:12:56 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.07.06 18:16:40 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011.07.06 17:34:00 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.07.06 17:33:58 | 000,052,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.06.25 05:13:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.06.21 16:19:16 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011.06.21 16:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.06.21 16:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.06.17 22:02:39 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.06.16 22:51:52 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.06.15 22:19:55 | 001,439,280 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.06.10 10:00:38 | 000,208,896 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.06.10 10:00:36 | 000,091,648 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.05.01 15:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.04.21 10:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011.04.21 10:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.30 03:19:52 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.05.20 15:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.03.19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.01.27 04:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009.07.31 04:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 22:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 15:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008.06.17 09:22:24 | 000,040,464 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcd10bus.sys -- (vcd10bus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://facebook.de/ [binary data]
IE - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://web.de/
IE - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\..\SearchScopes,DefaultScope = {3EBCCCE8-6E90-4B3A-80CE-3C9C82F401C1}
IE - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\..\SearchScopes\{3EBCCCE8-6E90-4B3A-80CE-3C9C82F401C1}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\..\SearchScopes\{BCA728D4-FD8A-440C-AF44-5A64900D1F85}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dll (Vitzo)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.04.20 12:48:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.02.02 00:57:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@vdownloader.com: C:\Program Files (x86)\VDownloader\Addons\FireFox [2012.07.02 20:28:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.02.02 00:57:43 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.01 18:16:02 | 000,001,840 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avast] D:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Programme\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programme\Malwarebytes' Anti-Malware 2\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-2828986503-655130210-3903424927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51ED1DB0-3073-45D9-BEE9-358855A15557}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F80838B8-EF0C-45C5-A92E-1EF84FBF651B}: DhcpNameServer = 83.169.185.161 83.169.185.225
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2cc86f25-d4e2-11e1-a342-f0bf97d8b305}\Shell - "" = AutoRun
O33 - MountPoints2\{2cc86f25-d4e2-11e1-a342-f0bf97d8b305}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{a8dec7de-d3f2-11e1-8fc0-f0bf97d8b305}\Shell - "" = AutoRun
O33 - MountPoints2\{a8dec7de-d3f2-11e1-8fc0-f0bf97d8b305}\Shell\AutoRun\command - "" = H:\noautorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.07 02:59:37 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
[2012.08.07 01:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware 2.2
[2012.08.07 01:55:37 | 010,652,120 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Lisa\mbam-setup-1.62.0.1300.exe
[2012.08.06 18:34:40 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.08.06 18:34:40 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.08.06 18:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.08.06 18:34:33 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.08.06 18:34:31 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.08.06 18:34:31 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.08.06 18:34:31 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.08.06 18:34:18 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.08.06 18:34:18 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.08.06 18:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012.08.06 18:31:04 | 000,000,000 | ---D | C] -- C:\Users\Lisa\COMODO
[2012.07.29 23:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012.07.29 03:30:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\UAs
[2012.07.29 03:27:52 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\xmldm
[2012.07.29 03:27:36 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\kock
[2012.07.28 01:50:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2012.07.28 00:56:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.07.25 23:47:00 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.07.25 23:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.07.25 23:46:33 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.07.24 23:45:21 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes
[2012.07.24 23:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.24 23:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.24 23:45:14 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.24 16:06:35 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Fotografie
[2012.07.23 22:10:31 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012.07.23 22:10:08 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\LogMeIn Hamachi
[2012.07.23 21:43:30 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012.07.23 21:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012.07.23 21:42:50 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2012.07.23 21:42:50 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2012.07.23 14:35:00 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\mist
[2012.07.23 00:56:24 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Command and Conquer Generals Data
[2012.07.23 00:22:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012.07.23 00:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.07.23 00:16:42 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.23 00:16:40 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\DAEMON Tools Lite
[2012.07.23 00:15:44 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.07.23 00:11:56 | 000,223,256 | ---- | C] (H+H Software GmbH) -- C:\Windows\SysNative\drivers\vdrv1000.sys
[2012.07.23 00:11:56 | 000,024,088 | ---- | C] (H+H Software GmbH) -- C:\Windows\SysNative\drivers\HH10Help.sys
[2012.07.23 00:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload
[2012.07.23 00:04:47 | 000,040,464 | ---- | C] (H+H Software GmbH) -- C:\Windows\SysNative\drivers\vcd10bus.sys
[2012.07.23 00:01:51 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Deployment
[2012.07.23 00:01:51 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Apps
[2012.07.22 20:14:23 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012.07.22 20:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012.07.22 20:12:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012.07.20 19:51:24 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Bachelorarbeit
[2012.07.08 15:11:36 | 000,000,000 | ---D | C] -- C:\Users\Lisa\mama cam
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Lisa\AppData\Roaming\*.tmp files -> C:\Users\Lisa\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.07 03:22:26 | 000,028,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.07 03:22:26 | 000,028,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.07 03:20:51 | 001,614,036 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.07 03:20:51 | 000,697,322 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.07 03:20:51 | 000,652,600 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.07 03:20:51 | 000,148,328 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.07 03:20:51 | 000,121,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.07 03:20:41 | 000,000,000 | ---- | M] () -- C:\Users\Lisa\defogger_reenable
[2012.08.07 03:14:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.07 03:14:44 | 3155,025,920 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.07 02:38:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
[2012.08.07 02:37:22 | 000,050,477 | ---- | M] () -- C:\Users\Lisa\Desktop\Defogger.exe
[2012.08.07 02:03:29 | 000,000,746 | ---- | M] () -- C:\Users\Lisa\Malwarebytes Anti-Malware.lnk
[2012.08.07 01:57:34 | 004,503,728 | ---- | M] () -- C:\ProgramData\rat_0ybba.pad
[2012.08.07 01:54:38 | 010,652,120 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Lisa\mbam-setup-1.62.0.1300.exe
[2012.08.06 20:39:00 | 280,012,800 | ---- | M] () -- C:\Users\Lisa\kav_rescue_10.iso
[2012.08.06 18:34:40 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.08.06 18:34:33 | 000,000,342 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012.08.06 18:34:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.08.06 18:18:46 | 000,001,881 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.08.06 14:05:00 | 000,111,568 | ---- | M] () -- C:\Users\Lisa\Desktop\Zugang_Zulassung_Master-GH_R_2012.pdf
[2012.08.06 04:08:18 | 000,042,757 | ---- | M] () -- C:\Users\Lisa\Desktop\filme.rtf
[2012.08.05 10:03:12 | 000,281,152 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.08.05 10:03:12 | 000,281,152 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.05 09:59:04 | 000,281,152 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.08.04 15:03:22 | 000,033,585 | -H-- | M] () -- C:\Users\Lisa\Documents\iq.rtf
[2012.07.31 00:29:12 | 000,000,425 | ---- | M] () -- C:\Users\Lisa\Desktop\musik.rtf
[2012.07.30 22:52:45 | 000,473,157 | ---- | M] () -- C:\Users\Lisa\Desktop\POMFV3.pdf
[2012.07.29 23:21:46 | 000,000,738 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.07.29 20:25:26 | 000,001,019 | ---- | M] () -- C:\Users\Lisa\Desktop\Xfire.lnk
[2012.07.29 03:28:10 | 000,269,968 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\AcroIEHelpe.dll
[2012.07.29 03:28:04 | 000,000,034 | ---- | M] () -- C:\Users\Lisa\AppData\Roaming\blckdom.res
[2012.07.28 20:07:13 | 000,001,003 | ---- | M] () -- C:\Users\Lisa\trauerbrief.rtf
[2012.07.28 17:53:19 | 004,910,048 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.28 01:52:42 | 000,000,615 | ---- | M] () -- C:\Windows\eReg.dat
[2012.07.28 01:50:12 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\Command & Conquer Generals.lnk
[2012.07.26 16:48:18 | 001,285,060 | ---- | M] () -- C:\Users\Lisa\Desktop\01 CNC Generals - C_USA04.mp3
[2012.07.26 16:38:10 | 004,744,801 | ---- | M] () -- C:\Users\Lisa\Desktop\01 CNC Generals - USA_01.mp3
[2012.07.24 01:18:26 | 000,001,934 | -H-- | M] () -- C:\Users\Lisa\Documents\how to c&c generals.rtf
[2012.07.23 22:21:28 | 001,646,385 | ---- | M] () -- C:\Users\Lisa\CIMG7985.JPG
[2012.07.23 22:19:16 | 001,713,803 | ---- | M] () -- C:\Users\Lisa\CIMG7984.JPG
[2012.07.23 00:16:42 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.07.22 23:52:26 | 000,000,203 | ---- | M] () -- C:\Users\Lisa\Desktop\Counter-Strike Source.url
[2012.07.22 20:14:23 | 000,000,203 | ---- | M] () -- C:\Users\Lisa\Desktop\Half-Life 2.url
[2012.07.21 22:16:12 | 000,000,195 | -H-- | M] () -- C:\Users\Lisa\Documents\nicknames.rtf
[2012.07.16 03:23:54 | 016,099,328 | ---- | M] () -- C:\Users\Lisa\einaudi - divenire.mp3
[2012.07.16 03:23:38 | 000,045,088 | -HS- | M] () -- C:\Users\Lisa\Folder.jpg
[2012.07.16 03:23:38 | 000,009,692 | -HS- | M] () -- C:\Users\Lisa\AlbumArtSmall.jpg
[2012.07.16 03:22:16 | 000,005,961 | -HS- | M] () -- C:\Users\Lisa\AlbumArt_{8B26AB06-A198-4E21-B69B-6EAE9FB50D36}_Large.jpg
[2012.07.16 03:22:16 | 000,001,856 | -HS- | M] () -- C:\Users\Lisa\AlbumArt_{8B26AB06-A198-4E21-B69B-6EAE9FB50D36}_Small.jpg
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Lisa\AppData\Roaming\*.tmp files -> C:\Users\Lisa\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.07 03:20:41 | 000,000,000 | ---- | C] () -- C:\Users\Lisa\defogger_reenable
[2012.08.07 02:59:37 | 000,050,477 | ---- | C] () -- C:\Users\Lisa\Desktop\Defogger.exe
[2012.08.07 02:03:29 | 000,000,746 | ---- | C] () -- C:\Users\Lisa\Malwarebytes Anti-Malware.lnk
[2012.08.06 20:36:14 | 280,012,800 | ---- | C] () -- C:\Users\Lisa\kav_rescue_10.iso
[2012.08.06 18:34:40 | 000,000,954 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.08.06 18:34:33 | 000,000,342 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012.08.06 18:18:46 | 004,503,728 | ---- | C] () -- C:\ProgramData\rat_0ybba.pad
[2012.08.06 18:18:46 | 000,001,881 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.08.06 14:05:00 | 000,111,568 | ---- | C] () -- C:\Users\Lisa\Desktop\Zugang_Zulassung_Master-GH_R_2012.pdf
[2012.07.31 13:27:36 | 004,744,801 | ---- | C] () -- C:\Users\Lisa\Desktop\01 CNC Generals - USA_01.mp3
[2012.07.31 13:27:36 | 001,285,060 | ---- | C] () -- C:\Users\Lisa\Desktop\01 CNC Generals - C_USA04.mp3
[2012.07.31 00:23:43 | 000,000,425 | ---- | C] () -- C:\Users\Lisa\Desktop\musik.rtf
[2012.07.30 22:52:43 | 000,473,157 | ---- | C] () -- C:\Users\Lisa\Desktop\POMFV3.pdf
[2012.07.29 23:21:46 | 000,000,738 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.07.29 03:28:10 | 000,269,968 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\AcroIEHelpe.dll
[2012.07.29 03:28:04 | 000,000,034 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\blckdom.res
[2012.07.28 20:07:13 | 000,001,003 | ---- | C] () -- C:\Users\Lisa\trauerbrief.rtf
[2012.07.28 01:50:12 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\Command & Conquer Generals.lnk
[2012.07.28 00:48:22 | 000,001,019 | ---- | C] () -- C:\Users\Lisa\Desktop\Xfire.lnk
[2012.07.25 23:47:00 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.07.24 00:21:08 | 000,001,934 | -H-- | C] () -- C:\Users\Lisa\Documents\how to c&c generals.rtf
[2012.07.23 22:21:25 | 001,646,385 | ---- | C] () -- C:\Users\Lisa\CIMG7985.JPG
[2012.07.23 22:18:11 | 001,713,803 | ---- | C] () -- C:\Users\Lisa\CIMG7984.JPG
[2012.07.23 00:54:21 | 000,000,615 | ---- | C] () -- C:\Windows\eReg.dat
[2012.07.22 23:52:26 | 000,000,203 | ---- | C] () -- C:\Users\Lisa\Desktop\Counter-Strike Source.url
[2012.07.22 20:14:23 | 000,000,203 | ---- | C] () -- C:\Users\Lisa\Desktop\Half-Life 2.url
[2012.07.21 22:16:12 | 000,000,195 | -H-- | C] () -- C:\Users\Lisa\Documents\nicknames.rtf
[2012.07.16 03:22:16 | 000,005,961 | -HS- | C] () -- C:\Users\Lisa\AlbumArt_{8B26AB06-A198-4E21-B69B-6EAE9FB50D36}_Large.jpg
[2012.07.16 03:22:16 | 000,001,856 | -HS- | C] () -- C:\Users\Lisa\AlbumArt_{8B26AB06-A198-4E21-B69B-6EAE9FB50D36}_Small.jpg
[2012.07.08 00:25:01 | 117,011,527 | ---- | C] () -- C:\Users\Lisa\LPLTDE.rar
[2012.07.06 02:44:38 | 004,760,280 | ---- | C] () -- C:\Users\Lisa\Usher - Scream [128].mp3
[2012.07.02 20:28:48 | 000,049,152 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2012.06.30 19:39:10 | 000,000,266 | ---- | C] () -- C:\Users\Lisa\Pappa.vcf
[2012.06.30 18:31:35 | 000,961,968 | ---- | C] () -- C:\Users\Lisa\DSC00001.JPG
[2012.06.30 04:10:48 | 000,006,568 | ---- | C] () -- C:\Users\Lisa\images.jpg
[2012.06.30 02:41:39 | 000,073,147 | ---- | C] () -- C:\Users\Lisa\route-map-seattle.gif
[2012.06.26 01:40:34 | 000,040,119 | ---- | C] () -- C:\Users\Lisa\l3.jpg
[2012.06.26 01:40:30 | 000,038,054 | ---- | C] () -- C:\Users\Lisa\l2.jpg
[2012.06.26 01:40:24 | 000,036,401 | ---- | C] () -- C:\Users\Lisa\car.jpg
[2012.06.24 19:45:32 | 001,649,730 | ---- | C] () -- C:\Users\Lisa\CIMG7977.JPG
[2012.06.19 23:24:59 | 016,099,328 | ---- | C] () -- C:\Users\Lisa\einaudi - divenire.mp3
[2012.06.07 21:14:12 | 003,745,086 | ---- | C] () -- C:\Users\Lisa\matt 1.jpg
[2012.06.05 08:03:31 | 000,006,730 | ---- | C] () -- C:\Users\Lisa\log xfire.rtf
[2012.06.05 07:53:42 | 000,027,356 | ---- | C] () -- C:\Users\Lisa\uh60 5.6.12.rtf
[2012.05.31 21:47:24 | 000,720,909 | ---- | C] () -- C:\Users\Lisa\xfire problem 1.jpg
[2012.05.27 03:06:20 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012.05.23 21:19:02 | 000,372,102 | ---- | C] () -- C:\Users\Lisa\Studierendenausweis Lisa Graf.jpg
[2012.05.23 20:19:57 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.05.23 20:19:57 | 000,963,884 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.05.23 20:19:57 | 000,221,264 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.05.23 20:19:57 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.05.22 19:22:00 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012.05.17 18:44:16 | 000,068,037 | ---- | C] () -- C:\Users\Lisa\DSC_7364.jpg
[2012.05.17 18:43:43 | 000,078,518 | ---- | C] () -- C:\Users\Lisa\DSC_7371.jpg
[2012.05.17 18:43:23 | 000,044,743 | ---- | C] () -- C:\Users\Lisa\DSC_7362.jpg
[2012.05.17 18:43:03 | 000,056,749 | ---- | C] () -- C:\Users\Lisa\DSC_7363.jpg
[2012.05.12 13:16:01 | 001,674,596 | ---- | C] () -- C:\Users\Lisa\CIMG7917.JPG
[2012.05.12 13:16:01 | 001,661,795 | ---- | C] () -- C:\Users\Lisa\CIMG7916.JPG
[2012.05.12 13:16:01 | 001,652,969 | ---- | C] () -- C:\Users\Lisa\CIMG7914.JPG
[2012.05.12 13:16:01 | 001,638,229 | ---- | C] () -- C:\Users\Lisa\CIMG7915.JPG
[2012.05.09 23:03:08 | 000,039,415 | ---- | C] () -- C:\Users\Lisa\Jesuslol.jpg
[2012.05.09 22:59:54 | 000,056,632 | ---- | C] () -- C:\Users\Lisa\mecca.jpg
[2012.05.09 22:56:49 | 000,067,106 | ---- | C] () -- C:\Users\Lisa\7327_310_500_My-Teacher-Believes-In-Evolution.jpg
[2012.05.09 22:55:06 | 000,005,166 | ---- | C] () -- C:\Users\Lisa\1274633255324s.jpg
[2012.05.09 22:52:45 | 000,083,577 | ---- | C] () -- C:\Users\Lisa\daughter.jpg
[2012.05.09 22:51:18 | 000,190,334 | ---- | C] () -- C:\Users\Lisa\deshawn williams.jpg
[2012.05.09 22:47:52 | 000,142,411 | ---- | C] () -- C:\Users\Lisa\snowpersons.png
[2012.05.09 22:46:42 | 000,023,512 | ---- | C] () -- C:\Users\Lisa\sunisastar.jpg
[2012.05.09 22:41:27 | 000,085,953 | ---- | C] () -- C:\Users\Lisa\Picture 526.jpg
[2012.05.09 22:39:11 | 000,051,756 | ---- | C] () -- C:\Users\Lisa\Picture 533.jpg
[2012.05.09 18:33:43 | 000,045,088 | -HS- | C] () -- C:\Users\Lisa\Folder.jpg
[2012.05.09 18:33:43 | 000,009,692 | -HS- | C] () -- C:\Users\Lisa\AlbumArtSmall.jpg
[2012.05.07 20:55:54 | 000,000,609 | ---- | C] () -- C:\Users\Lisa\flüge usa.rtf
[2012.05.04 20:02:51 | 009,299,642 | ---- | C] () -- C:\Users\Lisa\Linkin Park - Burn It Down (www.SongsLover.com).mp3
[2012.05.04 19:57:34 | 009,451,147 | ---- | C] () -- C:\Users\Lisa\Jason Derulo - Breathing (www.SongsLover.com).mp3
[2012.05.03 04:54:46 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.04.23 12:07:40 | 001,623,206 | ---- | C] () -- C:\Users\Lisa\CIMG7878.JPG
[2012.04.23 12:07:40 | 001,610,571 | ---- | C] () -- C:\Users\Lisa\CIMG7879.JPG
[2012.04.23 12:07:40 | 001,566,426 | ---- | C] () -- C:\Users\Lisa\CIMG7876.JPG
[2012.04.21 01:31:43 | 000,011,259 | ---- | C] () -- C:\Users\Lisa\gsview64.ini
[2012.04.21 01:14:22 | 000,000,043 | ---- | C] () -- C:\Windows\gswin64.ini
[2012.03.17 00:58:22 | 000,281,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.03.17 00:56:44 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.03.14 12:35:35 | 000,000,044 | ---- | C] () -- C:\Users\Lisa\.edu.xtec.properties
[2012.02.24 22:21:20 | 000,007,618 | ---- | C] () -- C:\Users\Lisa\AppData\Local\Resmon.ResmonCfg
[2012.02.24 20:55:35 | 000,000,132 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.02.02 00:54:03 | 000,248,565 | ---- | C] () -- C:\Windows\hpwins18.dat
[2012.02.02 00:54:03 | 000,000,539 | ---- | C] () -- C:\Windows\hpwmdl18.dat
[2011.12.28 00:10:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.12.28 00:07:37 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.07.20 02:29:42 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.07.20 02:29:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.07.02 00:08:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.06.21 10:08:55 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.03.31 09:59:24 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
[2011.02.11 01:03:27 | 001,591,930 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== LOP Check ==========
 
[2012.06.08 11:42:47 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\AnvSoft
[2011.12.29 15:35:05 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Atari
[2012.03.09 19:23:46 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Audacity
[2012.03.09 18:14:33 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Audio Recorder for Free
[2012.06.11 19:04:10 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.07.23 00:28:40 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DAEMON Tools Lite
[2012.01.29 19:41:37 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoft
[2012.01.29 19:40:18 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.07.21 20:33:41 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ
[2012.06.30 00:19:49 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\iolo
[2012.07.29 03:27:36 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\kock
[2012.03.11 14:46:17 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Media Get LLC
[2012.01.30 02:08:07 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\OpenOffice.org
[2009.06.01 18:41:29 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\PACE Anti-Piracy
[2012.08.06 14:57:37 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\SoftGrid Client
[2012.06.11 18:46:11 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.01.06 17:55:12 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TeamViewer
[2012.01.02 01:36:07 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TP
[2012.07.29 03:30:53 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\UAs
[2012.08.05 21:24:23 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\uTorrent
[2012.07.02 20:29:19 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\VDownloader
[2012.07.29 03:31:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\xmldm
[2012.08.06 18:34:33 | 000,000,342 | -H-- | M] () -- C:\Windows\Tasks\avast! Emergency Update.job
[2012.07.14 13:27:51 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
Und die Extras.txt
Code:
OTL Extras logfile created on: 07.08.2012 03:22:18 - Run 1
OTL by OldTimer - Version 3.2.56.0    Folder = C:\Users\Lisa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 54,92% Memory free
7,83 Gb Paging File | 5,64 Gb Available in Paging File | 71,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,00 Gb Total Space | 13,10 Gb Free Space | 6,55% Space Free | Partition Type: NTFS
Drive D: | 246,68 Gb Total Space | 112,45 Gb Free Space | 45,59% Space Free | Partition Type: NTFS
 
Computer Name: LÄPPI | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2828986503-655130210-3903424927-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe Premiere CS5.5\Adobe Bridge CS5.1\Bridge.exe "%L"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe Premiere CS5.5\Adobe Bridge CS5.1\Bridge.exe "%L"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 1
"UpdatesDisableNotify" = 0
"UacDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1DB55593-92E9-43ED-9DAE-E9A2ACA0223C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2C3348B9-7403-4EE4-811A-54F953AD8BFD}" = rport=137 | protocol=17 | dir=out | app=system |
"{2EEAAE20-0887-4E3E-9ECB-4F6CFCDBD55D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{3082009E-C6B6-4631-8743-606BD6C142B7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{343ACF55-E5AF-457F-9325-F6039B21658A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{42D66092-5212-4022-92D8-DFCBC903906C}" = rport=138 | protocol=17 | dir=out | app=system |
"{4DFBDFE1-CD72-416D-9106-6D7505AEEE67}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5B7D76B1-F51C-4ABE-9423-94B8802DA5FE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{641A2351-6205-4F7C-AC7A-1FD54D38FD13}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{644B5E14-227E-4295-8271-E360ECE1F5E8}" = rport=445 | protocol=6 | dir=out | app=system |
"{79D535AD-E1BD-47B9-9066-1B833BC34655}" = lport=138 | protocol=17 | dir=in | app=system |
"{7F04027A-1712-4FFC-B0F8-25D680DD307A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8BF89017-04D6-41CC-9470-DE8A15CF58F5}" = lport=445 | protocol=6 | dir=in | app=system |
"{8F181630-66D9-4786-84E6-A1EA939ECAB4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{97B99E03-BD58-46C1-AB2B-09F25361DC4D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9F5BD04C-8670-4CD5-87BD-E5E8A9D6203C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C53CB613-9BC8-43A6-A5BF-788424013034}" = lport=137 | protocol=17 | dir=in | app=system |
"{C7327FB1-3491-4646-AE6E-94E980BA5998}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC3273ED-2D14-442C-8609-A9DEB78CA648}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D7C4108E-D4BF-4431-9C83-FD1A80D3710D}" = rport=139 | protocol=6 | dir=out | app=system |
"{E4E47D97-36EE-4CC6-B686-4AD9097C6765}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F4ED4367-6789-4964-AA7A-4105A589771C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F76873D9-AF03-4F39-BB37-2758EE337D17}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE93B39E-CEE3-42AA-895E-F0DDB761379D}" = lport=139 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09D2405D-4138-462D-9F45-782F91E19577}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0AD3BF85-C0AF-4D08-9FF8-F86D8A65B99A}" = protocol=6 | dir=out | app=system |
"{0B8CA2F2-BFE4-487F-AA5C-50AC0DCF33C8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0DA9CD41-56E4-45F2-AFB0-81D6983F5925}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer 7\teamviewer_service.exe |
"{12E4F4A7-4EC8-4B64-8580-10FDA074B45D}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{1CB77D61-A048-4498-9AE0-7BD6B56E4298}" = protocol=17 | dir=in | app=c:\users\lisa\appdata\local\mediaget2\mediaget.exe |
"{1F4953BE-999C-4AA3-A0BA-4C94E342D14B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{218EEEB2-6F8A-4094-9D56-DA622FA96DAE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer 7\teamviewer_service.exe |
"{22CCD1E1-6A5C-4D81-A6F7-425F5C84661B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{23C6C0FA-2376-4E48-A848-C75F16F37313}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{298B19D9-A63E-4CC1-8E3C-005EA74B677B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{338FFCA6-6285-4A32-A33F-5B8A70A70E72}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{34ABCA65-FDED-4A45-A55D-AFF0E28E0152}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{370C8502-EB38-4F6E-8DE3-AC5D27EE0AFC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3B30F020-EBAB-46EE-B9E8-72AF1B841E95}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{449659E9-1E5A-49BE-848F-F5327D5DCAC6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer 7\teamviewer.exe |
"{4A7B3142-2740-42E1-B656-22928AA923FF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{503884F5-7956-48CA-9F85-C44E441466EA}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{512616FF-4427-4E6F-859F-61E0F9900420}" = protocol=17 | dir=in | app=d:\programme\xfire\xfire.exe |
"{513F2213-EF9C-4E65-B14C-BC56AD7EB15F}" = protocol=6 | dir=in | app=d:\programme\xfire\xfire.exe |
"{515435C4-6503-4CC6-AC94-DD40BA7779B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{51546C6A-C303-4913-9914-91704A4F8E3F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{528D29BE-D661-47E0-9414-DEAD1389F923}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53070083-412B-40CB-AE8E-F781F421FF53}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{63A2D2C7-FF3B-4005-8AA7-7E38E0530687}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{64E5D062-D0F8-4D66-8CFE-9DE9D4B48D90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7011A01F-A464-4840-8E56-3CC74DE73A73}" = protocol=58 | dir=in | app=system |
"{726FBA36-86AB-45AA-BD2D-B65F7699708E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{7D3746BF-A79F-4209-9251-A137645A5D5C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7E26038B-4CC7-4177-B9C4-E84902ED0851}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7F77D81F-6E27-4BA3-BF41-E5FD75F85485}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{80F5A6B5-92B1-4705-BCC9-ECA0160BAD65}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{82140088-45FD-4A9C-B5E4-12282D260417}" = protocol=6 | dir=in | app=d:\games\hl2\steam.exe |
"{871E22DF-0094-4EC8-B711-B36B9091142B}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{87C9D1AA-A0D7-4CFD-8A5C-2390A97C2389}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{8E810E2D-2854-459D-8544-AFD6D5FCE246}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{91642166-FE83-47E3-98F9-34FC260A9E0D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{96F92B55-0DE8-4301-8C00-1859071F308B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer 7\teamviewer.exe |
"{99F52D63-663A-4066-BE3F-81DEA71F91BD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{99FA9771-17FF-47E2-98A9-AAA5B9F29B84}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9CF99F53-ACAC-44C6-AA65-ADDAAF132793}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{9FF1A445-B5F4-48F9-ADA5-B7C0E69EB60F}" = protocol=17 | dir=in | app=d:\games\hl2\steam.exe |
"{A100FB02-A1FA-48A5-9DF1-60C9A82F68C8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{A1A707D4-BD6B-472A-949F-CFA8B6093FAC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A7F89A49-FBD1-4A92-BBE6-F7136A583FEA}" = protocol=17 | dir=in | app=d:\games\battlefield 2\bf2.exe |
"{AB425057-5992-4A34-BC86-7CA757537D0D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{ABBE5BCC-4273-4706-9B08-DFAFD7E927F9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{ABCE15B2-6342-4461-8595-292C28700D67}" = protocol=6 | dir=in | app=c:\users\lisa\appdata\local\mediaget2\mediaget.exe |
"{BB894B29-ADBD-44C6-9C46-6B98EA3FE6AC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C3D98803-1DAF-4609-9BBA-F247619F53FF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{C416CBFF-C2FA-4D27-B539-10840673E2E6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C49E145D-4328-45FE-B7A7-AFD4C7ED2696}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{C6548218-1C7D-4328-A4C8-7FAA661B138E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{C7A9B30C-726B-4452-A145-3F65E7269FA0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{C8BE2616-BD8E-4BD3-B75A-AAC972C99602}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{CC050CDD-CE15-4F3B-BC37-457EC8B2C111}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC0899E2-42DF-468C-998E-9795CC6D5401}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D5C0304F-4B96-4191-92C5-5D2557D00D92}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{DA8C880E-D176-4136-8C8B-C5274AF30B77}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{DBEBDAEA-772A-4BFA-A630-B2544D5C7937}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{E2FD9879-387A-426A-BF37-90A2AFB50A54}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{E4FE4860-5EDC-451D-A833-1489FE070B35}" = protocol=6 | dir=in | app=d:\games\battlefield 2\bf2.exe |
"{E73D49AC-FE84-4D33-98BE-60B7F4923F71}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{E83E6BB1-EB6B-41EB-AFDF-0E962807076B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EB2A46D3-5601-430C-89CD-E1113C7FA28F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F20DB2AE-A1CB-437F-8D7E-91B96BB989E5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{F6BF0E15-F83A-4A08-9D2C-911F1D129430}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FB7E1AD7-5428-4BB7-B737-BBC21599D43A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{FEFBF63C-315D-4451-BF05-FBD81B38DBB3}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"TCP Query User{8DE08D82-BB64-4FB9-9A7F-3AD357F2041B}D:\games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=d:\games\battlefield 2\bf2.exe |
"TCP Query User{93CB4D73-737E-46D2-82BF-560CBFB58006}D:\games\c&c generals\generals.exe" = protocol=6 | dir=in | app=d:\games\c&c generals\generals.exe |
"TCP Query User{9E3E0E4B-924D-4B6E-8686-70E351456CA1}D:\games\hl2\steamapps\angel_0f_darkness\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=d:\games\hl2\steamapps\angel_0f_darkness\half-life 2 deathmatch\hl2.exe |
"TCP Query User{A5BAEF20-A801-41B4-92F7-53F2B5B24B8A}D:\programme\xfire\xfire.exe" = protocol=6 | dir=in | app=d:\programme\xfire\xfire.exe |
"TCP Query User{C1BFF8F0-B12B-4136-A972-FA6C5FC2AEB6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{C8DBA33F-9E1F-48FE-AC85-B0D142243DEE}D:\games\hl2\steamapps\angel_0f_darkness\half-life 2\hl2.exe" = protocol=6 | dir=in | app=d:\games\hl2\steamapps\angel_0f_darkness\half-life 2\hl2.exe |
"UDP Query User{46D09A7D-6B12-426A-B7B0-65E92158441C}D:\games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=d:\games\battlefield 2\bf2.exe |
"UDP Query User{51216F6A-4A7C-4AAF-AEF6-BC5C9044A2F8}D:\games\c&c generals\generals.exe" = protocol=17 | dir=in | app=d:\games\c&c generals\generals.exe |
"UDP Query User{61655350-EAE2-4C17-ABFF-313E0D64C826}D:\games\hl2\steamapps\angel_0f_darkness\half-life 2\hl2.exe" = protocol=17 | dir=in | app=d:\games\hl2\steamapps\angel_0f_darkness\half-life 2\hl2.exe |
"UDP Query User{631A0827-0F3E-4C00-936F-0D48D0B3A9F6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{9796D9B9-F032-4CCD-9216-A2470F9DB8C8}D:\programme\xfire\xfire.exe" = protocol=17 | dir=in | app=d:\programme\xfire\xfire.exe |
"UDP Query User{C7AB1CBD-3C23-49BD-9E6E-C07E921D4BC5}D:\games\hl2\steamapps\angel_0f_darkness\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=d:\games\hl2\steamapps\angel_0f_darkness\half-life 2 deathmatch\hl2.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0EF86E06-C755-4C6F-8E47-2528D0546C0A}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{2106A845-79C0-426B-9B91-9CBEAF3DE0F2}" = VAIO Update Merge Module x64
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi-Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}" = VAIO Care
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{549AD5FB-F52D-4307-864A-C0008FB35D96}" = VCCx64
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5CB648C9-78CC-D03E-65E4-B4AF6127CEFC}" = ccc-utility64
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6DB15DF9-83CE-462E-A1CC-4382C3E61EF5}" = HP OfficeJet L7400 Series
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{7BF570D4-D060-165D-64AA-4C96DBC08671}" = AMD Media Foundation Decoders
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DC4BA134-55D7-AA2B-FC2F-68A95CDA41AB}" = ATI Catalyst Install Manager
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"GPL Ghostscript 9.02" = GPL Ghostscript
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"ProInst" = Intel PROSet Wireless
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{02A388E1-5998-453A-ADF1-823BFB0EAAAE}" = bpd_scan
"{0320AB41-0926-4218-A8A6-68AC84E6BB93}" = Nero Recode 11
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}" = Adobe Premiere Pro CS5.5
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06676957-7563-8D90-1212-6B58F8B724D9}" = CCC Help Spanish
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F895695-33CC-4203-9C47-25EF2AC9441C}" = Media Go
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{223767A9-2A17-8F5D-A08A-BE720E51C2D6}" = CCC Help Norwegian
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2D7F5A88-C877-4713-8B3A-6ACBF06B62BE}" = BPDSoftware_Ini
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{2FFD2FF0-8D1F-7CF0-B389-C2FE3B0BD745}" = CCC Help Czech
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4145C18C-AC42-4CEC-9F52-FE5CF907DAAD}" = ProductContext
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{489D3997-0A51-54BD-591E-AD6A15EB8190}" = CCC Help English
"{49BE00D7-9144-43ED-B18D-D75D1336ACF8}" = 7400_Help
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B8AE39C-8C49-C157-4C49-7237B047DB57}" = Catalyst Control Center InstallProxy
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{51865D9D-8F63-46F2-87AB-9E72F93B618C}" = Welcome App (Start-up experience)
"{52018CB0-FD4F-C746-C950-1F40B00BC0C5}" = CCC Help Greek
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{53F29A32-7D03-4635-A8B3-839D921F6F96}" = Adobe Flash Player 10 Plugin
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{547F3077-EBD6-9D0A-4C9C-A729E5AD6A76}" = CCC Help Korean
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{59312BC4-CA09-88A4-3CA2-A96FF21B4604}" = CCC Help Chinese Standard
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5C79D312-F68F-4B04-8A4F-E28A0AE1ECBB}" = CrissCross 8.40
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{6007FDAD-CBF0-4B15-6235-93F358273066}" = CCC Help Hungarian
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{60E333E5-93AF-E75A-3A22-A10B0DD351BE}" = CCC Help German
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = PMB VAIO Edition Guide
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}" = Елемент керування Windows Live Mesh ActiveX для віддалених підключень
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70DE9E60-DE22-4362-B868-1B8922F78C1A}" = Remote Keyboard
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{71FC647F-E91F-4DD2-BEA4-7B4172015DCE}" = VHD
"{7252D1A7-B4FD-4B82-BC59-B4D6EF4B03F3}_is1" = Holgers PDFshellConvert 1.0
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel(R) WiDi
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7C9B54C7-7777-41E4-8508-E78A6CE3BCE5}" = Catalyst Control Center - Branding
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{862AE653-4E32-087E-BA55-C11B853D4DF6}" = CCC Help Thai
"{868BA6F4-881C-45a4-B78F-1F48F36B870D}" = L7400
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF4B62E-2ED0-0950-FA54-A46D59A93636}" = Catalyst Control Center Localization All
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2010
"{90140000-0017-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{0F513B77-0D84-4615-87F7-B814D1FC64F5}" = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.WORD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.OMUI.de-de_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.WORD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.de-de_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.WORD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.OMUI.de-de_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.WORD_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.WORD_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.OMUI.de-de_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.WORD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.WORD_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.WORD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BD-0407-0000-0000000FF1CE}" = Microsoft Office ScreenTip Language 2010 - Deutsch
"{90140000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2010
"{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{90D3D490-F6C4-4F4A-971B-93D0A66F2E2E}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2010
"{90140000-0101-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{4733E76A-5F12-4513-9CA8-DB2540A74EDA}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)40000-0101-0407-0000-0000000FF1CE}
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.WORD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.WORD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{930A4D1B-AA42-D8DC-08F1-27CB7F6F6A13}" = CCC Help Danish
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{94650E3B-CCD1-AE32-46A1-3890787B3488}" = CCC Help Polish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AE76A96-BF2F-8AB9-46B8-74F1FB68AD4C}" = PX Profile Update
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.9.1195
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-1033-F400-BA7E-000000000005}" = Adobe Acrobat X Standard - English, Français, Deutsch
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFAD16F-D86E-D4E2-3E0A-A94F54544DE9}" = Catalyst Control Center Profiles Mobile
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1482DE6-FF00-2968-0155-57A643DCA7CB}" = CCC Help Portuguese
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B1893E3F-9BDF-443F-BED0-1AAA2D9E0D68}" = ArcSoft Magic-i Visual Effects 2
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B77DE05C-7C84-4011-B93F-A29D0D2840F4}" = ArcSoft WebCam Companion 4
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BA469F53-3131-47B0-9683-2C27F3546CD3}" = Remote Play with PlayStation 3
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE9E4DD1-6228-46C6-8EF9-42F7A4F6CC9D}" = VAIO Data Restore Tool
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C4040489-0C6A-6361-3270-CE574016BE0F}" = CCC Help Chinese Traditional
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C4BD6ECC-FF0E-5AAC-8CB3-EA92B20D77A3}" = CCC Help Japanese
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D2F6976A-1935-F625-ACB4-CBF5C067C746}" = CCC Help Italian
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D31A8447-7962-42F9-A339-BE79D05C785E}" = BPDSoftware
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D57A002F-2B34-4E7B-A58B-0A4FBDA2E93F}" = Windows Live Messenger
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6506521-0959-4FA3-875F-E2E28830B0D2}" = NEF Codec
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DB27B1CA-A19D-4253-81C4-70968CBA1F0E}" = MPM
"{DC3B9C93-B7AF-01AB-D1FC-8FC82F78D8CD}" = PX Profile Update
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}" = VCCx86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E8A943BA-C038-B562-92AE-7C5A99C972A0}" = CCC Help French
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA441422-6D6A-6E91-A973-492BB9BFB0D6}" = Catalyst Control Center Graphics Previews Common
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F21A6101-3E12-32AE-AB8D-51F11005B55B}" = CCC Help Swedish
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F63FFE40-4F62-0F8C-5C97-7C66A2D7500A}" = CCC Help Turkish
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F69CE215-9CE8-48DB-6943-9003B6AE5142}" = Catalyst Control Center
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.4
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8DD58A9-2A6A-5004-8740-D4E50FBF726C}" = CCC Help Finnish
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FAF448F1-4460-440C-9280-07F66A63D6F5}" = Nero Kwik Media
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC18AB8F-9BA3-423B-91F2-622990F57978}" = Nero 11
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FED5269F-EAAA-5D64-AE23-3478C747A1F1}" = CCC Help Russian
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"{FF5B1EEA-8766-4D05-A985-08610A21A739}" = CCC Help Dutch
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Any Video Converter Professional_is1" = Any Video Converter Professional 3.3.9
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Audio Recorder for Free_is1" = Audio Recorder for Free 2010 v12.8.2
"avast" = avast! Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"DAEMON Tools Lite" = DAEMON Tools Lite
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228
"GameSpy Arcade" = GameSpy Arcade
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"LogMeIn Hamachi" = LogMeIn Hamachi
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.OMUI.de-de" = Microsoft Office Language Pack 2010 - German/Deutsch
"Office14.WORD" = Microsoft Word 2010
"Picasa 3" = Picasa 3
"PremElem90" = Adobe Premiere Elements 9
"ProInst" = Intel PROSet Wireless
"Roller Coaster Tycoon 3 Platinum  - CarlesNeo !" = Roller Coaster Tycoon 3 Platinum  - CarlesNeo !
"splashtop" = Quick Web Access
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 320" = Half-Life 2: Deathmatch
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"uTorrent" = µTorrent
"VAIO Help and Support" =
"VAIO Hero Screensaver - Fall 2011 Screensaver" = VAIO Hero Screensaver - Fall 2011 Screensaver
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
"Xfire" = Xfire (remove only)
"Yahoo! Companion" = Yahoo! Toolbar
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2828986503-655130210-3903424927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MediaGet" = MediaGet
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.06.2012 11:00:17 | Computer Name = Läppi | Source = WinMgmt | ID = 10
Description =
 
Error - 07.06.2012 14:12:21 | Computer Name = Läppi | Source = WinMgmt | ID = 10
Description =
 
Error - 08.06.2012 00:51:41 | Computer Name = Läppi | Source = WinMgmt | ID = 10
Description =
 
Error - 08.06.2012 04:29:20 | Computer Name = Läppi | Source = WinMgmt | ID = 10
Description =
 
Error - 08.06.2012 04:39:22 | Computer Name = Läppi | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar.
 Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

 
Error - 08.06.2012 05:40:20 | Computer Name = Läppi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 2.0.1.0, Zeitstempel:
 0x4f63d546  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
 0x4ec49b8f  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000ce6c3  ID des fehlerhaften Prozesses:
 0x1ad0  Startzeit der fehlerhaften Anwendung: 0x01cd455a66eeadad  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: f5fe488c-b14d-11e1-b32d-f0bf97d8b305
 
Error - 08.06.2012 06:18:59 | Computer Name = Läppi | Source = WinMgmt | ID = 10
Description =
 
Error - 08.06.2012 11:15:45 | Computer Name = Läppi | Source = WinMgmt | ID = 10
Description =
 
Error - 09.06.2012 04:50:44 | Computer Name = Läppi | Source = WinMgmt | ID = 10
Description =
 
Error - 09.06.2012 19:06:08 | Computer Name = Läppi | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 06.08.2012 14:59:58 | Computer Name = Läppi | Source = Service Control Manager | ID = 7003
Description = Der Dienst "McAfee Personal Firewall Service" ist von folgendem Dienst
 abhängig: MfeFire. Dieser Dienst ist eventuell nicht installiert.
 
Error - 06.08.2012 15:09:21 | Computer Name = Läppi | Source = DCOM | ID = 10010
Description =
 
Error - 06.08.2012 19:30:58 | Computer Name = Läppi | Source = Service Control Manager | ID = 7003
Description = Der Dienst "McAfee Personal Firewall Service" ist von folgendem Dienst
 abhängig: MfeFire. Dieser Dienst ist eventuell nicht installiert.
 
Error - 06.08.2012 19:33:35 | Computer Name = Läppi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?07.?08.?2012 um 01:31:36 unerwartet heruntergefahren.
 
Error - 06.08.2012 19:33:40 | Computer Name = Läppi | Source = Service Control Manager | ID = 7003
Description = Der Dienst "McAfee Personal Firewall Service" ist von folgendem Dienst
 abhängig: MfeFire. Dieser Dienst ist eventuell nicht installiert.
 
Error - 06.08.2012 19:55:31 | Computer Name = Läppi | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
 
Error - 06.08.2012 19:58:32 | Computer Name = Läppi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?07.?08.?2012 um 01:57:26 unerwartet heruntergefahren.
 
Error - 06.08.2012 19:58:42 | Computer Name = Läppi | Source = Service Control Manager | ID = 7003
Description = Der Dienst "McAfee Personal Firewall Service" ist von folgendem Dienst
 abhängig: MfeFire. Dieser Dienst ist eventuell nicht installiert.
 
Error - 06.08.2012 21:14:12 | Computer Name = Läppi | Source = DCOM | ID = 10010
Description =
 
Error - 06.08.2012 21:15:02 | Computer Name = Läppi | Source = Service Control Manager | ID = 7003
Description = Der Dienst "McAfee Personal Firewall Service" ist von folgendem Dienst
 abhängig: MfeFire. Dieser Dienst ist eventuell nicht installiert.
 
 
< End of report >
Vielen Dank im Voraus für Eure Hilfe und Mühen :dankeschoen:
Lisa

markusg 07.08.2012 11:22
hi
der sality ist ein file infektor, eig können wir uns da gleich jede arbeit sparen und das system neu machen.
1. Datenrettung:2. Formatieren, Windows neu instalieren:3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.

Lizzie87 07.08.2012 19:14
Hi Markus,

vielen Dank für die schnelle Antwort, auch wenn das, was ich lese sehr frustrierend für mich ist.
Ich wollte Datenrettung und Formatieren eigentlich vermeiden, da ich momentan keine freie externe Festplatte zur Verfügung habe... außerdem dauert es so ewig bis ich da alles wieder draufgespielt und eingerichtet habe und die Zeit hab ich gerade nicht, weil ich eine Bachelorarbeit schreiben muss :/
Natürlich bleibt mir nichts andere übrig, wenn nichts anderes machbar ist...

Die Sache ist die:
Ich habe mein System vom Sality Virus gereinigt.
Seither funktionierte es wieder problemlos.

Nun habe ich natürlich ein bisschen hier im Forum gelesen. Es heißt ja oft, dass es noch nicht bedeutet, dass der PC sauber ist, nur weil er wieder besser läuft richtig?

Kann man an den Txt Dateien sehen, ob ich noch den Sality habe? Wäre es überhaupt möglich, dass ich ihn erfolgreich entfernt habe?

Wenn ja, kann ich irgendwie versuchen, den GVU Trojaner zu beseitigen?
Ich habe den in einer früheren Version schon einmal erfolgreich vom PC einer Freundin verjagen können. Ist der neue so bösartig, dass da nix machbar ist?

Nur interessenshalber: Wenn der Trojaner die Webcams anschalten kann, heißt das, dass es wirklich irgendwo so kranke Menschen gibt, die einen beobachten würden? Oder ist das nur ein Automatismus um einen einzuschüchtern?:pfui:

Vielen vielen Dank nochmals für die Mühe man sich hier macht, den Leuten zu helfen! Das ist nicht selbstverständlich seine Zeit für jemand Fremdes zu opfern... Ihr seid ganz große Klasse!:daumenhoc

markusg 07.08.2012 19:22
hi, dieser virus befällt ausführbare dateien, wie exe, dll usw.
es kann daher zu problemen kommen, selbst bei anscheinener bereinigung
deswegen rate ich dir zum neu aufsetzen
die webcam wird, bei den mir bekannten variannten, nicht zum spionieren verwendet

Lizzie87 07.08.2012 20:04
Scheint ja ein echt fieses Ding zu sein.

Da bleibt mir wohl echt nichts anderes übrig, als den PC platt zu machen.

Dazu hätte ich auch ein paar Fragen. Ich wäre Dir sehr dankbar, wenn du mir weiterhin zur Seite stehen könntest...

Du schreibst, dass ich meine Daten mit Parted Magic sichern solle. Da es sich dabei um ein Live Linux Sytem handelt, habe ich mich gefragt, ob ich auch Ubuntu stattdessen nutzen kann. Das ist doch auch eine lesende Linux Distribution oder?
So eine CD habe ich mir nämlich vor längerer Zeit schon einmal erstellt. Oder ist Parted Magic schlichtweg besser und bedienungsfreundlicher?

Daten sichern...
Ich habe mir die Liste mit den Endungen angeschaut. Allerdings würde ich gerne nochmal nachfragen, ob ich das richtig verstanden habe...
Bedeutet das, dass ich die dateien, die vom system direkt ausführbar sind, nicht sichern sollte?
Bzw. Da sich Sality in ausführbaren Dateien einnistet sollte ich keine exe Dateien und co speichern oder?

Ich habe keine Windows CD. Ich glaube, dass ist auf dem fertig Laptop (Sony Vaio Windows 64 bit) mit drauf... kann das sein? Brauch ich dann eine DVD? bzw. Muss ich mir trotzdem Windows 7 ISO downloaden?
Da in dem Thread steht, dass empfohlen wird, professional zu installieren. Allerdings habe ich eine Home Premium Lizenz... dann fällt das wegen der Lizenz flach oder?

Viele Grüße,
Lisa

markusg 07.08.2012 20:29
hi das gerät müsste ne recovery funktion haben.
die kann man bei start über f9
f10
f11 oder alt+f9 bzw alt+f10 starten
ausführbare dateien nicht sichern, genau.
und über ubuntu ist das auch ok

Lizzie87 10.08.2012 12:49
Nochmals hallo!

Ich haben ne neue Externe Festplatte, die Daten gesichert und den PC platt gemacht.
Nun ist er neu formateiert und ich habe schon ein paar Sachen neu draufgespielt.
Zudem habe ich ihn gescannt und wollte das Ergebnis mal hier posten. Wäre super, wenn da jemand nochmal drüber schauen könnte, ob alles in Ordnung ist... Vielen Dank!

PS. Ich habe jetzt seit 3 Tagen jedes Mal eine Fehlermeldung bekommen, wenn ich eine Antwort posten wollte. Ich habe es jetzt ca. 15 Mal vergeblich versucht. Deswegen probiere ich jetzt mal, die OTL Dateien in den Anhang zu packen...
Edit: Funktioniert auch nicht: zu groß. Also mach ich jetzt mehrere Posts...

Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.09.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Lisa :: PUPI [Administrator]

09.08.2012 19:16:02
mbam-log-2012-08-09 (19-16-02).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 358177
Laufzeit: 37 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Viele Grüße!

Lizzie87 10.08.2012 12:50
Teil 2
OTL
Code:
OTL logfile created on: 09.08.2012 22:56:50 - Run 1
OTL by OldTimer - Version 3.2.56.0    Folder = C:\Users\Lisa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 41,96% Memory free
7,83 Gb Paging File | 4,55 Gb Available in Paging File | 58,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,00 Gb Total Space | 56,38 Gb Free Space | 28,19% Space Free | Partition Type: NTFS
Drive D: | 246,68 Gb Total Space | 241,62 Gb Free Space | 97,95% Space Free | Partition Type: NTFS
 
Computer Name: PUPI | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.07 02:38:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
PRC - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- D:\Programme\Teamviewer\TeamViewer_Service.exe
PRC - [2012.01.20 15:23:00 | 000,054,432 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.11.30 18:49:50 | 000,082,592 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2011.07.12 16:10:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011.07.12 16:10:28 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011.07.07 15:44:12 | 000,183,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2011.07.07 15:44:12 | 000,066,696 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2011.06.17 22:02:56 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.06.17 22:02:41 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.05.20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.03.15 14:44:30 | 000,428,384 | ---- | M] (Sony Corporation) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.08.09 05:57:43 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2012.04.24 00:35:09 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012.03.22 00:32:36 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012.02.11 01:31:42 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2012.01.04 04:51:03 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012.01.04 04:50:59 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2010.11.21 05:24:32 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010.11.21 05:23:48 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010.11.21 05:23:48 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.06.10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.11.30 18:49:50 | 000,260,768 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2011.07.20 00:33:46 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- D:\Programme\Teamviewer\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.27 12:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Programme\Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.05.10 18:44:34 | 001,259,104 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV - [2012.01.20 15:23:00 | 000,054,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2011.07.15 16:43:38 | 000,969,352 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2011.07.13 10:14:44 | 000,552,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2011.07.12 16:10:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011.07.12 16:10:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011.07.12 16:10:28 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011.07.07 15:44:12 | 000,066,696 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2011.07.05 22:27:00 | 000,199,272 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV - [2011.06.17 22:02:56 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.06.17 22:02:41 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.06.16 22:51:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.05.20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2011.05.02 14:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.05.02 14:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011.05.02 14:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.04.21 09:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011.04.21 08:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2011.03.15 14:44:30 | 000,428,384 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2011.03.01 21:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.02.23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011.02.21 12:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011.02.21 12:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011.02.18 22:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2011.02.18 22:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2011.01.20 12:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.09.30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.05.20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.09 19:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011.11.15 01:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.07.20 00:42:15 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.07.20 00:34:07 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.07.20 00:34:07 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.07.20 00:30:07 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.07.06 16:33:58 | 000,052,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.06.25 05:13:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.06.21 15:19:16 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011.06.21 15:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.06.21 15:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.06.17 22:02:39 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.06.16 22:51:52 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.06.15 22:19:55 | 001,439,280 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.06.14 06:24:06 | 000,207,872 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.06.14 06:24:06 | 000,087,552 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.05.01 14:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.04.21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011.04.21 09:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.30 03:19:52 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.05.20 15:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.03.19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.07.31 03:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 22:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.facebook.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
IE - HKCU\..\SearchScopes,DefaultScope = {80ECED3D-1F24-4EB0-AFDF-4FA726353E2A}
IE - HKCU\..\SearchScopes\{80ECED3D-1F24-4EB0-AFDF-4FA726353E2A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&amp;sourceid=ie7&amp;rls=com.microsoft:{language}:{referrer:source}&amp;ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.08.09 05:32:23 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Programme\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDBAE932-BF05-43AE-8FB6-C6173F4FBB87}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{98796a5e-e1ce-11e1-93d0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{98796a5e-e1ce-11e1-93d0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.09 22:48:50 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
[2012.08.09 19:21:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2012.08.09 19:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.08.09 19:16:38 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Google
[2012.08.09 19:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.08.09 19:15:10 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Malwarebytes
[2012.08.09 19:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.09 19:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.09 19:14:59 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.09 19:14:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.09 19:11:44 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012.08.09 19:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.08.09 19:11:27 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\LogMeIn Hamachi
[2012.08.09 18:51:49 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\iolo
[2012.08.09 18:51:42 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
[2012.08.09 18:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
[2012.08.09 18:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2012.08.09 18:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam
[2012.08.09 18:27:03 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Sony
[2012.08.09 18:26:42 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Podcasts
[2012.08.09 18:26:42 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Media Go
[2012.08.09 18:26:06 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Sony
[2012.08.09 17:22:41 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.08.09 12:43:53 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Studium
[2012.08.09 12:17:19 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\ArcSoft
[2012.08.09 12:17:15 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\ArcSoft
[2012.08.09 12:16:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Skype
[2012.08.09 12:16:10 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.08.09 12:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.08.09 12:16:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.08.09 11:13:59 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\TS3Client
[2012.08.09 09:20:15 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Sony PMB
[2012.08.09 09:20:14 | 000,000,000 | -H-D | C] -- C:\Users\Lisa\Documents\Operation H
[2012.08.09 09:20:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\RCT3
[2012.08.09 09:20:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\ICQ
[2012.08.09 09:20:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Eigene Scans
[2012.08.09 09:20:14 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\DVDVideoSoft
[2012.08.09 09:20:13 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Command and Conquer Generals Data
[2012.08.09 09:19:45 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Ausland
[2012.08.09 09:19:43 | 000,000,000 | -H-D | C] -- C:\Users\Lisa\Documents\Audio Recorder for Free
[2012.08.09 09:19:43 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Any Video Converter Professional
[2012.08.09 09:19:43 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Adobe
[2012.08.09 09:04:50 | 010,652,120 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Lisa\mbam-setup-1.62.0.1300.exe
[2012.08.09 09:03:48 | 000,000,000 | ---D | C] -- C:\Users\Lisa\we're alive
[2012.08.09 08:58:38 | 000,000,000 | ---D | C] -- C:\Users\Lisa\USA
[2012.08.09 08:58:37 | 000,000,000 | ---D | C] -- C:\Users\Lisa\people
[2012.08.09 08:57:42 | 000,000,000 | ---D | C] -- C:\Users\Lisa\mama cam
[2012.08.09 08:57:40 | 000,000,000 | ---D | C] -- C:\Users\Lisa\HG world
[2012.08.09 08:57:40 | 000,000,000 | ---D | C] -- C:\Users\Lisa\gorilla
[2012.08.09 08:57:35 | 000,000,000 | ---D | C] -- C:\Users\Lisa\CD
[2012.08.09 08:56:15 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Cam 2Gb all 18.4.12
[2012.08.09 08:56:00 | 000,000,000 | ---D | C] -- C:\Users\Lisa\bilder bearb udo
[2012.08.09 08:55:49 | 000,000,000 | ---D | C] -- C:\Users\Lisa\4.0
[2012.08.09 08:55:49 | 000,000,000 | ---D | C] -- C:\Users\Lisa\25. Bday
[2012.08.09 08:55:49 | 000,000,000 | ---D | C] -- C:\Users\Lisa\.tfo4
[2012.08.09 08:49:00 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Rechnungen
[2012.08.09 08:48:30 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Desktop\Bachelorarbeit
[2012.08.09 08:41:36 | 000,000,000 | ---D | C] -- C:\Users\Lisa\temp
[2012.08.09 08:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
[2012.08.09 08:38:09 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\ICQ Search
[2012.08.09 08:37:54 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\ICQ
[2012.08.09 08:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012.08.09 08:14:48 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Xfire
[2012.08.09 08:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2012.08.09 08:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2012.08.09 07:54:02 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Meine empfangenen Dateien
[2012.08.09 07:15:06 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Documents\Battlefield 2
[2012.08.09 07:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[2012.08.09 06:58:02 | 000,000,000 | ---D | C] -- C:\Update
[2012.08.09 06:48:31 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\ATI
[2012.08.09 06:48:31 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\ATI
[2012.08.09 06:48:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.08.09 06:47:38 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Intel Corporation
[2012.08.09 06:47:38 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Adobe
[2012.08.09 06:47:30 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Adobe
[2012.08.09 06:47:11 | 000,000,000 | R--D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.08.09 06:47:11 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Searches
[2012.08.09 06:47:11 | 000,000,000 | R--D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.08.09 06:47:03 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Identities
[2012.08.09 06:47:00 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Contacts
[2012.08.09 06:46:47 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\VirtualStore
[2012.08.09 06:45:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VAIO Startup Setting Tool
[2012.08.09 06:45:06 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.08.09 06:44:55 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Sony Corporation
[2012.08.09 06:44:50 | 000,000,000 | --SD | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Videos
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Saved Games
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Pictures
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Music
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Links
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Favorites
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Downloads
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Documents
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\Desktop
[2012.08.09 06:44:50 | 000,000,000 | R--D | C] -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Vorlagen
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\AppData\Local\Verlauf
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\AppData\Local\Temporary Internet Files
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Startmenü
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\SendTo
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Recent
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Netzwerkumgebung
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Lokale Einstellungen
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Documents\Eigene Videos
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Documents\Eigene Musik
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Eigene Dateien
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Documents\Eigene Bilder
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Druckumgebung
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Cookies
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\AppData\Local\Anwendungsdaten
[2012.08.09 06:44:50 | 000,000,000 | -HSD | C] -- C:\Users\Lisa\Anwendungsdaten
[2012.08.09 06:44:50 | 000,000,000 | -H-D | C] -- C:\Users\Lisa\AppData
[2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Temp
[2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\Roaming
[2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Local\Microsoft
[2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Media Center Programs
[2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Macromedia
[2012.08.09 06:44:50 | 000,000,000 | ---D | C] -- C:\Users\Lisa\AppData\Roaming\Intel
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.08.09 06:44:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.08.09 06:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote for VAIO
[2012.08.09 06:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2012.08.09 06:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Evernote
[2012.08.09 06:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
[2012.08.09 06:29:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
[2012.08.09 06:29:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012.08.09 06:27:49 | 000,021,176 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\iolorgdf64.exe
[2012.08.09 06:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2012.08.09 06:25:39 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012.08.09 06:20:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012.08.09 06:20:08 | 000,000,000 | ---D | C] -- C:\Windows\uk
[2012.08.09 06:19:58 | 000,000,000 | ---D | C] -- C:\Windows\tr
[2012.08.09 06:19:48 | 000,000,000 | ---D | C] -- C:\Windows\sv
[2012.08.09 06:19:43 | 000,000,000 | ---D | C] -- C:\Windows\sk
[2012.08.09 06:19:38 | 000,000,000 | ---D | C] -- C:\Windows\ru
[2012.08.09 06:19:34 | 000,000,000 | ---D | C] -- C:\Windows\ro
[2012.08.09 06:19:30 | 000,000,000 | ---D | C] -- C:\Windows\pt-pt
[2012.08.09 06:19:26 | 000,000,000 | ---D | C] -- C:\Windows\pl
[2012.08.09 06:19:21 | 000,000,000 | ---D | C] -- C:\Windows\no
[2012.08.09 06:19:17 | 000,000,000 | ---D | C] -- C:\Windows\it
[2012.08.09 06:19:13 | 000,000,000 | ---D | C] -- C:\Windows\hu
[2012.08.09 06:19:07 | 000,000,000 | ---D | C] -- C:\Windows\el
[2012.08.09 06:19:02 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.08.09 06:18:57 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012.08.09 06:18:51 | 000,000,000 | ---D | C] -- C:\Windows\fi
[2012.08.09 06:18:46 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2012.08.09 06:18:41 | 000,000,000 | ---D | C] -- C:\Windows\da
[2012.08.09 06:18:36 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2012.08.09 06:18:31 | 000,000,000 | ---D | C] -- C:\Windows\bg
[2012.08.09 06:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012.08.09 06:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012.08.09 06:12:11 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.08.09 06:12:07 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012.08.09 06:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.08.09 06:11:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.08.09 06:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012.08.09 06:08:58 | 000,000,000 | ---D | C] -- C:\VAIO Sample Contents
[2012.08.09 06:06:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.08.09 06:05:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Europe Limited
[2012.08.09 06:05:51 | 088,851,008 | ---- | C] (Axialis Software) -- C:\Windows\SysNative\VAIO Hero Screensaver - Fall 2011 - DE.scr
[2012.08.09 06:03:53 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
[2012.08.09 06:03:25 | 000,000,000 | -H-D | C] -- C:\SPLASH.000
[2012.08.09 06:03:01 | 000,000,000 | -H-D | C] -- C:\SPLASH.SYS
[2012.08.09 06:02:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Downloaded Installations
[2012.08.09 06:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2012.08.09 06:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2012.08.09 05:59:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winrm
[2012.08.09 05:59:14 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCN
[2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF
[2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep
[2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\slmgr
[2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Printing_Admin_Scripts
[2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\de-DE
[2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2012.08.09 05:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2012.08.09 05:59:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winrm
[2012.08.09 05:59:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WCN
[2012.08.09 05:59:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\slmgr
[2012.08.09 05:59:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2012.08.09 05:59:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2012.08.09 05:59:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Printing_Admin_Scripts
[2012.08.09 05:59:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2012.08.09 05:58:11 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2012.08.09 05:58:11 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2012.08.09 05:58:08 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2012.08.09 05:58:08 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2012.08.09 05:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.08.09 05:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB
[2012.08.09 05:54:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.08.09 05:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Media Go Install
[2012.08.09 05:48:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2012.08.09 05:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Webcam Suite
[2012.08.09 05:48:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2012.08.09 05:48:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2012.08.09 05:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2012.08.09 05:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2012.08.09 05:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software
[2012.08.09 05:37:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2012.08.09 05:37:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012.08.09 05:33:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.08.09 05:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012.08.09 05:32:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.08.09 05:32:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.08.09 05:32:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.08.09 05:30:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012.08.09 05:28:35 | 000,000,000 | ---D | C] -- C:\_FS_SWRINFO
[2012.08.09 05:28:33 | 000,000,000 | ---D | C] -- C:\Documentation
[2012.08.09 05:27:29 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys
[2012.08.09 05:27:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2012.08.09 05:27:07 | 000,000,000 | ---D | C] -- C:\Temp
[2012.08.09 05:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012.08.09 05:25:43 | 000,158,832 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe.a002.deleteme
[2012.08.09 05:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2012.08.09 05:24:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2012.08.09 05:24:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.08.09 05:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Online Backup
[2012.08.09 05:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012.08.09 05:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.08.09 05:23:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.08.09 05:23:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.08.09 05:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.08.09 05:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
[2012.08.09 05:23:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\2C0A
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0C0A
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0C04
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0816
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0804
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0424
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\041F
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\041E
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\041D
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\041B
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0419
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0416
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0415
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0414
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0413
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0412
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0411
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0410
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040E
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040D
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040C
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040B
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\040A
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0408
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0406
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0405
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0404
[2012.08.09 05:21:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0401
[2012.08.09 05:21:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2012.08.09 05:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012.08.09 05:21:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2012.08.09 05:20:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.08.09 05:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012.08.09 05:20:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.08.09 05:20:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012.08.09 05:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012.08.09 05:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.08.09 05:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.08.09 05:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012.08.09 05:18:11 | 000,425,064 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012.08.09 05:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2012.08.09 05:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012.08.09 05:15:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.08.09 05:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.08.09 05:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.08.09 05:15:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012.08.09 05:15:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.08.09 05:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.08.09 05:14:50 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.08.09 05:14:50 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.08.09 05:14:50 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.08.09 05:14:50 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.08.09 05:14:50 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.08.09 05:14:50 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012.08.09 05:14:50 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.08.09 05:14:50 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.08.09 05:14:50 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.08.09 05:14:50 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.08.09 05:14:50 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.08.09 05:14:50 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012.08.09 05:14:50 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.08.09 05:14:50 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012.08.09 05:14:50 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.08.09 05:14:49 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.08.09 05:14:49 | 002,238,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.08.09 05:14:49 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.08.09 05:14:49 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.08.09 05:14:49 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.08.09 05:14:49 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.08.09 05:14:49 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.08.09 05:14:49 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.08.09 05:14:49 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.08.09 05:14:49 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.08.09 05:14:49 | 000,603,472 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012.08.09 05:14:49 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.08.09 05:14:49 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.08.09 05:14:49 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.08.09 05:14:49 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.08.09 05:14:49 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.08.09 05:14:49 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.08.09 05:14:49 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.08.09 05:14:49 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.08.09 05:14:49 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.08.09 05:14:49 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.08.09 05:14:49 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.08.09 05:14:49 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.08.09 05:14:49 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.08.09 05:14:49 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.08.09 05:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.08.09 05:14:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.08.09 05:13:27 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.08.09 05:13:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.08.09 05:11:40 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.08.09 05:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.08.09 05:11:37 | 000,000,000 | ---D | C] -- C:\Intel
[2012.08.09 05:05:39 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.08.09 05:02:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.09 22:33:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.09 20:34:49 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.08.09 19:33:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.09 19:18:36 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.08.09 19:11:43 | 000,000,625 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012.08.09 19:08:07 | 000,001,405 | ---- | M] () -- C:\Users\Lisa\Desktop\Internet Explorer (64-bit).lnk
[2012.08.09 19:03:18 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.09 19:03:18 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.09 18:56:30 | 000,298,984 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.09 18:55:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.09 18:54:54 | 3155,025,920 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.09 18:51:49 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dll
[2012.08.09 18:39:41 | 001,590,446 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.09 18:39:41 | 000,696,888 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.09 18:39:41 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.09 18:39:41 | 000,148,152 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.09 18:39:41 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.09 18:39:39 | 001,590,446 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.09 18:31:03 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2012.08.09 18:12:26 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2012.08.09 13:29:11 | 000,000,698 | ---- | M] () -- C:\Users\Lisa\Desktop\C&C Generals.lnk
[2012.08.09 12:16:10 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.09 09:08:58 | 000,000,146 | ---- | M] () -- C:\Users\Lisa\Desktop\Verknüpfung.lnk
[2012.08.09 08:41:35 | 000,000,678 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012.08.09 08:38:09 | 000,000,676 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2012.08.09 08:38:09 | 000,000,159 | ---- | M] () -- C:\Users\Public\Desktop\Suche im Internet.url
[2012.08.09 08:34:42 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.08.09 08:14:47 | 000,000,630 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2012.08.09 07:26:54 | 000,000,770 | ---- | M] () -- C:\Users\Public\Desktop\Play BF2 Online Now!.lnk
[2012.08.09 07:26:54 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 2.lnk
[2012.08.09 06:46:56 | 000,000,000 | RH-- | M] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCSE1E1E.mrk
[2012.08.09 06:46:56 | 000,000,000 | RH-- | M] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCSE1E1E.mrk
[2012.08.09 06:46:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf
[2012.08.09 06:46:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2012.08.09 06:46:22 | 000,000,074 | -H-- | M] () -- C:\splash.idx
[2012.08.09 06:44:39 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.08.09 06:44:39 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.08.09 06:30:26 | 000,001,834 | ---- | M] () -- C:\Windows\SysNative\snyinst.oem
[2012.08.09 06:29:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iwdbus_01009.Wdf
[2012.08.09 06:29:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WDKMD_01009.Wdf
[2012.08.09 06:18:13 | 000,000,020 | ---- | M] () -- C:\Windows\xõÁ
[2012.08.09 06:09:46 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2012.08.09 06:05:52 | 088,851,008 | ---- | M] (Axialis Software) -- C:\Windows\SysNative\VAIO Hero Screensaver - Fall 2011 - DE.scr
[2012.08.09 05:58:58 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2012.08.09 05:58:58 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2012.08.09 05:58:11 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2012.08.09 05:58:11 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2012.08.09 05:58:08 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2012.08.09 05:58:08 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2012.08.09 05:22:51 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012.08.09 05:21:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.08.09 05:17:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf
[2012.08.07 03:20:41 | 000,000,000 | ---- | M] () -- C:\Users\Lisa\defogger_reenable
[2012.08.07 02:38:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Lisa\Desktop\OTL.exe
[2012.08.07 02:03:29 | 000,000,746 | ---- | M] () -- C:\Users\Lisa\Malwarebytes Anti-Malware.lnk
[2012.08.07 01:54:38 | 010,652,120 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Lisa\mbam-setup-1.62.0.1300.exe
[2012.08.06 20:39:00 | 280,012,800 | ---- | M] () -- C:\Users\Lisa\kav_rescue_10.iso
[2012.08.06 14:05:00 | 000,111,568 | ---- | M] () -- C:\Users\Lisa\Desktop\Zugang_Zulassung_Master-GH_R_2012.pdf
[2012.08.06 04:08:18 | 000,042,757 | ---- | M] () -- C:\Users\Lisa\Desktop\filme.rtf
[2012.08.04 15:03:22 | 000,033,585 | -H-- | M] () -- C:\Users\Lisa\Documents\iq.rtf
[2012.07.31 00:29:12 | 000,000,425 | ---- | M] () -- C:\Users\Lisa\Desktop\musik.rtf
[2012.07.28 20:07:13 | 000,001,003 | ---- | M] () -- C:\Users\Lisa\trauerbrief.rtf
[2012.07.26 16:48:18 | 001,285,060 | ---- | M] () -- C:\Users\Lisa\Desktop\01 CNC Generals - C_USA04.mp3
[2012.07.26 16:38:10 | 004,744,801 | ---- | M] () -- C:\Users\Lisa\Desktop\01 CNC Generals - USA_01.mp3
[2012.07.24 01:18:26 | 000,001,934 | -H-- | M] () -- C:\Users\Lisa\Documents\how to c&c generals.rtf
[2012.07.23 22:21:28 | 001,646,385 | ---- | M] () -- C:\Users\Lisa\CIMG7985.JPG
[2012.07.23 22:19:16 | 001,713,803 | ---- | M] () -- C:\Users\Lisa\CIMG7984.JPG
[2012.07.21 22:16:12 | 000,000,195 | -H-- | M] () -- C:\Users\Lisa\Documents\nicknames.rtf
[2012.07.16 03:23:54 | 016,099,328 | ---- | M] () -- C:\Users\Lisa\einaudi - divenire.mp3
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.09 19:21:58 | 000,002,555 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk
[2012.08.09 19:18:36 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.08.09 19:16:53 | 000,002,340 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.08.09 19:16:41 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.09 19:16:39 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.09 19:11:05 | 000,000,625 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012.08.09 19:08:07 | 000,001,405 | ---- | C] () -- C:\Users\Lisa\Desktop\Internet Explorer (64-bit).lnk
[2012.08.09 19:05:34 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2012.08.09 18:51:49 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012.08.09 18:51:42 | 000,002,024 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
[2012.08.09 18:31:03 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2012.08.09 18:12:26 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2012.08.09 13:29:11 | 000,000,698 | ---- | C] () -- C:\Users\Lisa\Desktop\C&C Generals.lnk
[2012.08.09 12:16:10 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.09 09:19:43 | 000,063,066 | -H-- | C] () -- C:\Users\Lisa\Documents\romantic 14.5.12.rtf
[2012.08.09 09:19:43 | 000,045,659 | -H-- | C] () -- C:\Users\Lisa\Documents\log rich 2.3..rtf
[2012.08.09 09:19:43 | 000,033,585 | -H-- | C] () -- C:\Users\Lisa\Documents\iq.rtf
[2012.08.09 09:19:43 | 000,032,525 | -H-- | C] () -- C:\Users\Lisa\Documents\log rich 3.3..rtf
[2012.08.09 09:19:43 | 000,025,886 | -H-- | C] () -- C:\Users\Lisa\Documents\romantic xfire 29.4.12.rtf
[2012.08.09 09:19:43 | 000,019,927 | -H-- | C] () -- C:\Users\Lisa\Documents\log bensin 20.2.12.rtf
[2012.08.09 09:19:43 | 000,018,192 | -H-- | C] () -- C:\Users\Lisa\Documents\romantic 5.5.12.rtf
[2012.08.09 09:19:43 | 000,016,566 | -H-- | C] () -- C:\Users\Lisa\Documents\romantic 7.5.12.rtf
[2012.08.09 09:19:43 | 000,015,182 | -H-- | C] () -- C:\Users\Lisa\Documents\Introduction.odt
[2012.08.09 09:19:43 | 000,011,724 | -H-- | C] () -- C:\Users\Lisa\Documents\log bensin 26.2.12.rtf
[2012.08.09 09:19:43 | 000,003,114 | -H-- | C] () -- C:\Users\Lisa\Documents\romantic 29.4.12.rtf
[2012.08.09 09:19:43 | 000,001,934 | -H-- | C] () -- C:\Users\Lisa\Documents\how to c&c generals.rtf
[2012.08.09 09:19:43 | 000,001,868 | -H-- | C] () -- C:\Users\Lisa\Documents\message bay.rtf
[2012.08.09 09:19:43 | 000,000,770 | -H-- | C] () -- C:\Users\Lisa\Documents\[kat.ph]pokemon.yellow.gelb.edition.rar.torrent
[2012.08.09 09:19:43 | 000,000,202 | -H-- | C] () -- C:\Users\Lisa\Documents\Zitate.rtf
[2012.08.09 09:19:43 | 000,000,201 | -H-- | C] () -- C:\Users\Lisa\Documents\künster.rtf
[2012.08.09 09:19:43 | 000,000,195 | -H-- | C] () -- C:\Users\Lisa\Documents\nicknames.rtf
[2012.08.09 09:19:42 | 001,977,037 | -H-- | C] () -- C:\Users\Lisa\Documents\Futterautomat_3581.pdf
[2012.08.09 09:19:42 | 001,699,378 | -H-- | C] () -- C:\Users\Lisa\Documents\CIMG7801.JPG
[2012.08.09 09:19:42 | 001,625,098 | -H-- | C] () -- C:\Users\Lisa\Documents\CIMG7800.JPG
[2012.08.09 09:19:42 | 001,621,520 | -H-- | C] () -- C:\Users\Lisa\Documents\CIMG7799.JPG
[2012.08.09 09:19:42 | 000,029,807 | -H-- | C] () -- C:\Users\Lisa\Documents\anleitung blow.rtf
[2012.08.09 09:19:42 | 000,002,181 | -H-- | C] () -- C:\Users\Lisa\Documents\dr. hartel hirtengrund.rtf
[2012.08.09 09:19:42 | 000,000,629 | -H-- | C] () -- C:\Users\Lisa\Documents\bilder links.rtf
[2012.08.09 09:19:42 | 000,000,292 | -H-- | C] () -- C:\Users\Lisa\Documents\adressen elite etc.rtf
[2012.08.09 09:08:58 | 000,000,146 | ---- | C] () -- C:\Users\Lisa\Desktop\Verknüpfung.lnk
[2012.08.09 09:04:50 | 004,760,280 | ---- | C] () -- C:\Users\Lisa\Usher - Scream [128].mp3
[2012.08.09 09:04:50 | 000,720,909 | ---- | C] () -- C:\Users\Lisa\xfire problem 1.jpg
[2012.08.09 09:04:50 | 000,372,102 | ---- | C] () -- C:\Users\Lisa\Studierendenausweis Lisa Graf.jpg
[2012.08.09 09:04:50 | 000,142,411 | ---- | C] () -- C:\Users\Lisa\snowpersons.png
[2012.08.09 09:04:50 | 000,085,953 | ---- | C] () -- C:\Users\Lisa\Picture 526.jpg
[2012.08.09 09:04:50 | 000,073,147 | ---- | C] () -- C:\Users\Lisa\route-map-seattle.gif
[2012.08.09 09:04:50 | 000,056,632 | ---- | C] () -- C:\Users\Lisa\mecca.jpg
[2012.08.09 09:04:50 | 000,051,756 | ---- | C] () -- C:\Users\Lisa\Picture 533.jpg
[2012.08.09 09:04:50 | 000,027,356 | ---- | C] () -- C:\Users\Lisa\uh60 5.6.12.rtf
[2012.08.09 09:04:50 | 000,023,512 | ---- | C] () -- C:\Users\Lisa\sunisastar.jpg
[2012.08.09 09:04:50 | 000,001,003 | ---- | C] () -- C:\Users\Lisa\trauerbrief.rtf
[2012.08.09 09:04:50 | 000,000,266 | ---- | C] () -- C:\Users\Lisa\Pappa.vcf
[2012.08.09 09:04:49 | 003,745,086 | ---- | C] () -- C:\Users\Lisa\matt 1.jpg
[2012.08.09 09:04:49 | 000,000,746 | ---- | C] () -- C:\Users\Lisa\Malwarebytes Anti-Malware.lnk
[2012.08.09 09:04:46 | 117,011,527 | ---- | C] () -- C:\Users\Lisa\LPLTDE.rar
[2012.08.09 09:04:46 | 009,299,642 | ---- | C] () -- C:\Users\Lisa\Linkin Park - Burn It Down (www.SongsLover.com).mp3
[2012.08.09 09:04:46 | 000,040,119 | ---- | C] () -- C:\Users\Lisa\l3.jpg
[2012.08.09 09:04:46 | 000,038,054 | ---- | C] () -- C:\Users\Lisa\l2.jpg
[2012.08.09 09:04:46 | 000,006,730 | ---- | C] () -- C:\Users\Lisa\log xfire.rtf
[2012.08.09 09:04:39 | 280,012,800 | ---- | C] () -- C:\Users\Lisa\kav_rescue_10.iso
[2012.08.09 09:04:39 | 000,039,415 | ---- | C] () -- C:\Users\Lisa\Jesuslol.jpg
[2012.08.09 09:04:38 | 016,099,328 | ---- | C] () -- C:\Users\Lisa\einaudi - divenire.mp3
[2012.08.09 09:04:38 | 009,451,147 | ---- | C] () -- C:\Users\Lisa\Jason Derulo - Breathing (www.SongsLover.com).mp3
[2012.08.09 09:04:38 | 001,713,803 | ---- | C] () -- C:\Users\Lisa\CIMG7984.JPG
[2012.08.09 09:04:38 | 001,674,596 | ---- | C] () -- C:\Users\Lisa\CIMG7917.JPG
[2012.08.09 09:04:38 | 001,661,795 | ---- | C] () -- C:\Users\Lisa\CIMG7916.JPG
[2012.08.09 09:04:38 | 001,652,969 | ---- | C] () -- C:\Users\Lisa\CIMG7914.JPG
[2012.08.09 09:04:38 | 001,649,730 | ---- | C] () -- C:\Users\Lisa\CIMG7977.JPG
[2012.08.09 09:04:38 | 001,646,385 | ---- | C] () -- C:\Users\Lisa\CIMG7985.JPG
[2012.08.09 09:04:38 | 001,638,229 | ---- | C] () -- C:\Users\Lisa\CIMG7915.JPG
[2012.08.09 09:04:38 | 001,610,571 | ---- | C] () -- C:\Users\Lisa\CIMG7879.JPG
[2012.08.09 09:04:38 | 000,961,968 | ---- | C] () -- C:\Users\Lisa\DSC00001.JPG
[2012.08.09 09:04:38 | 000,190,334 | ---- | C] () -- C:\Users\Lisa\deshawn williams.jpg
[2012.08.09 09:04:38 | 000,083,577 | ---- | C] () -- C:\Users\Lisa\daughter.jpg
[2012.08.09 09:04:38 | 000,078,518 | ---- | C] () -- C:\Users\Lisa\DSC_7371.jpg
[2012.08.09 09:04:38 | 000,068,037 | ---- | C] () -- C:\Users\Lisa\DSC_7364.jpg
[2012.08.09 09:04:38 | 000,056,749 | ---- | C] () -- C:\Users\Lisa\DSC_7363.jpg
[2012.08.09 09:04:38 | 000,044,743 | ---- | C] () -- C:\Users\Lisa\DSC_7362.jpg
[2012.08.09 09:04:38 | 000,011,259 | ---- | C] () -- C:\Users\Lisa\gsview64.ini
[2012.08.09 09:04:38 | 000,006,568 | ---- | C] () -- C:\Users\Lisa\images.jpg
[2012.08.09 09:04:38 | 000,000,609 | ---- | C] () -- C:\Users\Lisa\flüge usa.rtf
[2012.08.09 09:04:38 | 000,000,000 | ---- | C] () -- C:\Users\Lisa\defogger_reenable
[2012.08.09 09:04:37 | 001,623,206 | ---- | C] () -- C:\Users\Lisa\CIMG7878.JPG
[2012.08.09 09:04:37 | 001,566,426 | ---- | C] () -- C:\Users\Lisa\CIMG7876.JPG
[2012.08.09 09:04:37 | 000,067,106 | ---- | C] () -- C:\Users\Lisa\7327_310_500_My-Teacher-Believes-In-Evolution.jpg
[2012.08.09 09:04:37 | 000,036,401 | ---- | C] () -- C:\Users\Lisa\car.jpg
[2012.08.09 09:04:37 | 000,005,166 | ---- | C] () -- C:\Users\Lisa\1274633255324s.jpg
[2012.08.09 09:04:37 | 000,000,044 | ---- | C] () -- C:\Users\Lisa\.edu.xtec.properties
[2012.08.09 08:50:33 | 004,744,801 | ---- | C] () -- C:\Users\Lisa\Desktop\01 CNC Generals - USA_01.mp3
[2012.08.09 08:50:33 | 001,285,060 | ---- | C] () -- C:\Users\Lisa\Desktop\01 CNC Generals - C_USA04.mp3
[2012.08.09 08:50:33 | 001,129,406 | ---- | C] () -- C:\Users\Lisa\Desktop\01Bewerbungsbogen300409_090810_end02_bearb_2_neu.pdf
[2012.08.09 08:50:33 | 000,510,888 | ---- | C] () -- C:\Users\Lisa\Desktop\03_Zusatzfragebogen_zum_Bewerbungsbogen_e.pdf
[2012.08.09 08:50:33 | 000,111,568 | ---- | C] () -- C:\Users\Lisa\Desktop\Zugang_Zulassung_Master-GH_R_2012.pdf
[2012.08.09 08:50:33 | 000,097,617 | ---- | C] () -- C:\Users\Lisa\Desktop\02_Erläuterungsblatt_2008jul_090810_end02.pdf
[2012.08.09 08:50:33 | 000,092,501 | ---- | C] () -- C:\Users\Lisa\Desktop\verspätung erstattung 2.pdf
[2012.08.09 08:50:33 | 000,082,075 | ---- | C] () -- C:\Users\Lisa\Desktop\MDB85421-fgr_barrierefrei12.pdf
[2012.08.09 08:50:33 | 000,042,757 | ---- | C] () -- C:\Users\Lisa\Desktop\filme.rtf
[2012.08.09 08:50:33 | 000,000,425 | ---- | C] () -- C:\Users\Lisa\Desktop\musik.rtf
[2012.08.09 08:41:35 | 000,000,678 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012.08.09 08:41:35 | 000,000,678 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012.08.09 08:38:09 | 000,000,676 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2012.08.09 08:38:09 | 000,000,159 | ---- | C] () -- C:\Users\Public\Desktop\Suche im Internet.url
[2012.08.09 08:34:42 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.08.09 08:14:47 | 000,000,630 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2012.08.09 07:26:54 | 000,000,770 | ---- | C] () -- C:\Users\Public\Desktop\Play BF2 Online Now!.lnk
[2012.08.09 07:26:54 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 2.lnk
[2012.08.09 06:47:16 | 000,001,405 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.08.09 06:47:13 | 000,001,439 | ---- | C] () -- C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.08.09 06:46:56 | 000,000,000 | RH-- | C] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCSE1E1E.mrk
[2012.08.09 06:46:56 | 000,000,000 | RH-- | C] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCSE1E1E.mrk
[2012.08.09 06:46:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf
[2012.08.09 06:46:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2012.08.09 06:46:22 | 000,001,955 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited.lnk
[2012.08.09 06:30:26 | 3155,025,920 | -HS- | C] () -- C:\hiberfil.sys
[2012.08.09 06:29:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iwdbus_01009.Wdf
[2012.08.09 06:29:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WDKMD_01009.Wdf
[2012.08.09 06:29:33 | 000,002,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
[2012.08.09 06:18:26 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012.08.09 06:18:16 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012.08.09 06:18:13 | 000,000,020 | ---- | C] () -- C:\Windows\xõÁ
[2012.08.09 06:16:39 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012.08.09 06:14:03 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012.08.09 06:09:30 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2012.08.09 06:09:22 | 000,001,275 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk
[2012.08.09 06:08:29 | 000,002,072 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk
[2012.08.09 06:07:56 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Easy Connect.lnk
[2012.08.09 06:07:40 | 000,002,269 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2012.08.09 05:59:43 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2012.08.09 05:59:42 | 000,696,888 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.09 05:59:42 | 000,148,152 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.09 05:59:42 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2012.08.09 05:56:23 | 000,001,139 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
[2012.08.09 05:54:42 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[2012.08.09 05:50:37 | 000,001,303 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Gallery.lnk
[2012.08.09 05:47:29 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.08.09 05:44:50 | 000,002,267 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 9.lnk
[2012.08.09 05:41:10 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2012.08.09 05:41:00 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012.08.09 05:38:28 | 000,001,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 9.lnk
[2012.08.09 05:32:43 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Standard.lnk
[2012.08.09 05:32:43 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2012.08.09 05:30:15 | 000,002,197 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk
[2012.08.09 05:28:36 | 000,001,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
[2012.08.09 05:28:19 | 000,001,531 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
[2012.08.09 05:22:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.08.09 05:21:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.08.09 05:21:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.08.09 05:20:13 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.08.09 05:20:13 | 000,003,929 | ---- | C] () -- C:\Windows\SysNative\atipblup.dat
[2012.08.09 05:18:11 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012.08.09 05:17:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf
[2012.08.09 05:14:51 | 000,003,178 | ---- | C] () -- C:\Windows\SysNative\drivers\RtPCEE4.DAT
[2012.08.09 05:05:29 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.08.09 05:05:25 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.05.03 04:55:52 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.07.20 02:29:42 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.07.20 02:29:36 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.07.20 02:29:35 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.07.20 02:29:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.07.20 02:29:35 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.07.20 02:29:34 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.07.01 23:08:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.06.21 10:08:55 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.03.31 08:59:24 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
[2011.02.11 01:03:27 | 001,590,446 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== LOP Check ==========
 
[2012.08.09 17:19:03 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ
[2012.08.09 08:38:09 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\ICQ Search
[2012.08.09 18:51:49 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\iolo
[2012.08.09 18:26:06 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\Sony
[2012.08.09 12:23:22 | 000,000,000 | ---D | M] -- C:\Users\Lisa\AppData\Roaming\TS3Client
[2009.07.14 07:08:49 | 000,006,166 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Lizzie87 10.08.2012 12:53
Teil 3
ExtrasOTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 09.08.2012 22:56:50 - Run 1
OTL by OldTimer - Version 3.2.56.0    Folder = C:\Users\Lisa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 41,96% Memory free
7,83 Gb Paging File | 4,55 Gb Available in Paging File | 58,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,00 Gb Total Space | 56,38 Gb Free Space | 28,19% Space Free | Partition Type: NTFS
Drive D: | 246,68 Gb Total Space | 241,62 Gb Free Space | 97,95% Space Free | Partition Type: NTFS
 
Computer Name: PUPI | User Name: Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08CCF9A8-D1EE-470D-8834-81541844EDBF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{09BBC57C-C471-4237-9B47-4D6654034B3C}" = rport=137 | protocol=17 | dir=out | app=system |
"{1321E03F-EC41-4636-866F-C064B3CB03BB}" = rport=138 | protocol=17 | dir=out | app=system |
"{2EEAAE20-0887-4E3E-9ECB-4F6CFCDBD55D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{36F94918-EAAD-418A-B540-0DC9454EA951}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3FF6BE07-5723-4C0A-A726-4A14CD729431}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{56308B3F-9D6F-45AB-8505-B906359F0053}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{67DA2E36-BCA7-427F-B55A-D748C3B94EDF}" = rport=139 | protocol=6 | dir=out | app=system |
"{7411F4BE-9685-437B-9FDF-BB619785BD54}" = lport=137 | protocol=17 | dir=in | app=system |
"{764C211C-F735-4EE8-B3B7-6E6515A153B8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{86F44AA0-D996-404B-9C5B-7CD4344D5124}" = lport=139 | protocol=6 | dir=in | app=system |
"{A7EAF060-03F6-4D27-9CFF-F8D991A9A3B6}" = lport=138 | protocol=17 | dir=in | app=system |
"{C9CD1683-044F-4D1D-A332-6D69DEC68651}" = rport=445 | protocol=6 | dir=out | app=system |
"{D6561BF9-854D-41F7-8FF5-DF53E89EA592}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FF812803-9281-44AD-9F0E-3D6BF35C1438}" = lport=445 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0461AEB6-0689-40F2-9207-86352EAC95EA}" = protocol=6 | dir=in | app=d:\programme\teamviewer\teamviewer_service.exe |
"{0C265F36-146E-4A99-A3C0-3DCF6082A7E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1993D99C-9E05-4FFD-BB01-DC9D0E7C7894}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{1EC0234B-04AA-4F6D-B565-036382E95F6C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{212E0F1B-AF5D-4008-BE00-8054EAADE7CB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{2D54FA35-C63D-4BB3-982D-6AF874B7CB12}" = protocol=6 | dir=in | app=d:\programme\icq7m\icq.exe |
"{30634DFB-03BA-46FA-90E1-B3785D3154C2}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{3DB65B9E-4662-4331-BF73-F12FF0C62594}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{43E0962D-7676-426E-811C-523D356E41C5}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{5B47D2BF-229A-4E20-8D46-8B3B0FE09D29}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{5C5FA524-1C7F-4AFA-8527-817AE1CC2A6F}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{5F74C3DC-DDB3-461D-9AB6-E250FD3AEC9D}" = protocol=17 | dir=in | app=d:\programme\teamviewer\teamviewer_service.exe |
"{696942CB-23B7-404E-809A-5D8AF30CCF48}" = protocol=6 | dir=in | app=d:\games\battlefield 2\bf2.exe |
"{72A8D0EF-EE65-4241-885F-9B04238C1F44}" = protocol=17 | dir=in | app=d:\programme\icq7m\icq.exe |
"{7578A827-03DC-408C-AA78-794429424FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{7DF80B3E-729E-451F-A96A-EC16543492A3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7EBF0CC5-8436-4F2C-AAC7-4769330114EB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{97C511AB-44A4-4B71-A93D-447D7A3B7A58}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A1F671F2-3C39-48C5-A1C0-D7C94E6136A9}" = protocol=17 | dir=in | app=d:\programme\icq7m\icq.exe |
"{A21257A6-273A-4451-9FD7-96159524BFDB}" = protocol=6 | dir=in | app=d:\programme\icq7m\icq.exe |
"{B219063A-1780-4F0F-B4BA-5A1D619F617F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{BA834357-D44B-4F07-9809-5B8848581941}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{BFB4AAC8-0E39-462D-BE41-34ACDE012B57}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C2A5B914-1C1A-47E2-9BB2-486C52D474F7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{C581D8AE-4811-40B0-A6C9-ED7E45964BF8}" = protocol=17 | dir=in | app=d:\games\battlefield 2\bf2.exe |
"{DB01692D-2082-44BE-9FE3-D4D645C8F286}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DD8E77E3-8DDE-401A-B357-ED2A5FA122E1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DF172C42-5F9E-490C-9B27-B1B6311C5860}" = protocol=6 | dir=in | app=d:\programme\teamviewer\teamviewer.exe |
"{E8BF9C85-E655-4240-AC5C-00D8728233F5}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{FA25D3ED-761A-4FD2-B357-5B46FD8C07D3}" = protocol=17 | dir=in | app=d:\programme\teamviewer\teamviewer.exe |
"TCP Query User{77C20C55-3EE3-4470-A76F-1F0790D7BAA5}D:\programme\xfire\xfire.exe" = protocol=6 | dir=in | app=d:\programme\xfire\xfire.exe |
"UDP Query User{94E0822A-D2D4-41B2-9970-C0B6A8FA4DE0}D:\programme\xfire\xfire.exe" = protocol=17 | dir=in | app=d:\programme\xfire\xfire.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0EF86E06-C755-4C6F-8E47-2528D0546C0A}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3A4170BE-09B7-5658-285E-6D35E9C87101}" = ATI Catalyst Install Manager
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi-Software
"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64
"{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}" = VAIO Care
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{549AD5FB-F52D-4307-864A-C0008FB35D96}" = VCCx64
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82F3914F-383E-4345-9451-B4E34541B6F1}" = AMD Media Foundation Decoders
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
"{AAE37DF4-D7E4-9FB9-ACBE-BD785F900240}" = ccc-utility64
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{0483BE07-260D-4E4D-815E-F737C0A72E40}" = Adobe Flash Player 10 ActiveX
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0F895695-33CC-4203-9C47-25EF2AC9441C}" = Media Go
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{103FCC16-8501-C8E8-2A8C-93102D3251D3}" = CCC Help Finnish
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access
"{14A9CAFF-0C9F-FC97-C846-3C8ACD93936B}" = CCC Help Korean
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1E908A99-3D67-3634-8242-44E91A121035}" = CCC Help Polish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{2594059F-25BF-028A-9AF9-01890A70D1C0}" = CCC Help French
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
"{270B5FA2-363F-255D-DE7D-48EA599E0642}" = CCC Help Dutch
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2CC7C829-048B-3DD8-790D-13F5DF7AA86A}" = CCC Help Chinese Traditional
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{364CB34F-039F-2688-0C57-FF3E7A32BDB6}" = CCC Help Danish
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3C83762B-4AF9-E183-0586-DD35618A20EB}" = Catalyst Control Center
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4BF87DDC-2B9B-1904-89FE-FB84FC016C21}" = CCC Help Russian
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{53F29A32-7D03-4635-A8B3-839D921F6F96}" = Adobe Flash Player 10 Plugin
"{542ABB05-DC1D-E332-D153-44D997380C82}" = CCC Help Thai
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5DF8AD8E-3597-2699-D7C9-694CBD07E617}" = CCC Help Japanese
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{630C8469-7638-A7C2-D4DF-FA4117FF81AF}" = CCC Help Greek
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{63E64E94-7D42-EDB9-DDE8-CDF82C067E8C}" = Catalyst Control Center Profiles Mobile
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = PMB VAIO Edition Guide
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}" = Елемент керування Windows Live Mesh ActiveX для віддалених підключень
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{67898C03-26AE-FA57-052F-DC4957232ADF}" = CCC Help Portuguese
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A183D7E-D76F-8E0E-7DB1-007F521F0056}" = CCC Help German
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E899F31-606A-E6E1-42D2-D1A91B7FA30C}" = CCC Help Italian
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70DE9E60-DE22-4362-B868-1B8922F78C1A}" = Remote Keyboard
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{71FC647F-E91F-4DD2-BEA4-7B4172015DCE}" = VHD
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel(R) WiDi
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{8004AD43-6058-0058-0EF9-46EDB04221FF}" = CCC Help Turkish
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AA8BC62-929A-6FF2-655B-79E2FB4B1810}" = Catalyst Control Center Graphics Previews Common
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A30289C-813A-D9E7-0F75-D26EA7BB533F}" = CCC Help Hungarian
"{9AE76A96-BF2F-8AB9-46B8-74F1FB68AD4C}" = PX Profile Update
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-1033-F400-BA7E-000000000005}" = Adobe Acrobat X Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AE35BB59-31F9-C205-1915-08B73D5A4D8C}" = CCC Help Chinese Standard
"{AF0893D0-63E2-5356-6E79-09974852DBC4}" = CCC Help Swedish
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1893E3F-9BDF-443F-BED0-1AAA2D9E0D68}" = ArcSoft Magic-i Visual Effects 2
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B77DE05C-7C84-4011-B93F-A29D0D2840F4}" = ArcSoft WebCam Companion 4
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BA185E4B-55BC-9788-371A-24705F4923BB}" = CCC Help English
"{BA469F53-3131-47B0-9683-2C27F3546CD3}" = Remote Play with PlayStation 3
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = VAIO*CPU-Lüfterdiagnose
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BE9E4DD1-6228-46C6-8EF9-42F7A4F6CC9D}" = VAIO Data Restore Tool
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO-Handbuch
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D57A002F-2B34-4E7B-A58B-0A4FBDA2E93F}" = Windows Live Messenger
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D7F13995-E383-848E-7925-ABDEC6B1E2EA}" = CCC Help Spanish
"{D9173CE7-83E1-D410-06A2-49F2798A72DB}" = Catalyst Control Center InstallProxy
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DB1DAF88-F975-DD6B-5287-15A02DE306A6}" = CCC Help Czech
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}" = VCCx86
"{DFE03E4C-4B8D-4B0B-BFC8-F473889E4149}" = Catalyst Control Center - Branding
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F6EC0360-CAC5-1272-7258-FC182F61A945}" = CCC Help Norwegian
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.4
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
"{FB22916E-D494-91F2-7CC0-910867BF2C03}" = Catalyst Control Center Localization All
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"GameSpy Arcade" = GameSpy Arcade
"Google Chrome" = Google Chrome
"InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"PremElem90" = Adobe Premiere Elements 9
"ProInst" = Intel PROSet Wireless
"splashtop" = Quick Web Access
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"VAIO Help and Support" =
"VAIO Hero Screensaver - Fall 2011 Screensaver" = VAIO Hero Screensaver - Fall 2011 Screensaver
"WinLiveSuite" = Windows Live Essentials
"Xfire" = Xfire (remove only)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.08.2012 12:55:45 | Computer Name = Pupi | Source = WinMgmt | ID = 10
Description =
 
Error - 09.08.2012 13:06:05 | Computer Name = Pupi | Source = System.ServiceModel 4.0.0.0 | ID = 65641
Description =
 
Error - 09.08.2012 13:06:06 | Computer Name = Pupi | Source = .NET Runtime | ID = 1026
Description =
 
Error - 09.08.2012 13:06:07 | Computer Name = Pupi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: VAIOShell.exe, Version: 7.3.0.13310,
 Zeitstempel: 0x4f276329  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,
 Zeitstempel: 0x4e21213c  Ausnahmecode: 0xe0434352  Fehleroffset: 0x000000000000cacd
ID
 des fehlerhaften Prozesses: 0x139c  Startzeit der fehlerhaften Anwendung: 0x01cd7651359249d3
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Sony\VAIO Care\VAIOShell.exe  Pfad des
 fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 824dfa03-e244-11e1-b616-88532e65c231
 
Error - 09.08.2012 13:20:54 | Computer Name = Pupi | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "F:\Download\SoftonicDownloader_fuer_floats-mobile-agent.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 09.08.2012 13:20:54 | Computer Name = Pupi | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "F:\Download\SoftonicDownloader_for_divx-web-player.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 09.08.2012 15:01:49 | Computer Name = Pupi | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll".  Die
 abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 09.08.2012 15:01:49 | Computer Name = Pupi | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll".  Die
 abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 09.08.2012 15:01:49 | Computer Name = Pupi | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll".  Die abhängige
 Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 09.08.2012 15:01:49 | Computer Name = Pupi | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\common files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll".  Die
abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ System Events ]
Error - 09.08.2012 12:10:28 | Computer Name = Pupi | Source = Service Control Manager | ID = 7034
Description = Dienst "Adobe Active File Monitor V9" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 09.08.2012 12:10:29 | Computer Name = Pupi | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 09.08.2012 12:10:29 | Computer Name = Pupi | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Intel(R) Management and Security Application Local Management
 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende
 Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 09.08.2012 12:10:30 | Computer Name = Pupi | Source = Service Control Manager | ID = 7034
Description = Dienst "CamMonitor" wurde unerwartet beendet. Dies ist bereits 1 Mal
 passiert.
 
Error - 09.08.2012 12:10:31 | Computer Name = Pupi | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) Management and Security Application User Notification
 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
Error - 09.08.2012 12:10:34 | Computer Name = Pupi | Source = Service Control Manager | ID = 7034
Description = Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 1 Mal
 passiert.
 
Error - 09.08.2012 12:10:34 | Computer Name = Pupi | Source = Service Control Manager | ID = 7031
Description = Der Dienst "VAIO Event Service" wurde unerwartet beendet. Dies ist
 bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 09.08.2012 12:10:38 | Computer Name = Pupi | Source = Service Control Manager | ID = 7000
Description = Der Dienst "VAIO Event Service" wurde aufgrund folgenden Fehlers nicht
 gestartet:  %%109
 
Error - 09.08.2012 12:10:39 | Computer Name = Pupi | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Management and Security Application Local Management
 Service" wurde aufgrund folgenden Fehlers nicht gestartet:  %%109
 
Error - 09.08.2012 12:12:22 | Computer Name = Pupi | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler
beendet:  %%16405
 
 
< End of report >
--- --- ---

Vielen Dank nochmal

markusg 14.08.2012 17:44
sorry für die wartezeit.
pc absichern:
als antimalware programm würde ich emsisoft empfehlen.
diese haben für mich den besten schutz kostet aber etwas.
http://www.trojaner-board.de/103809-...i-malware.html
testversion:
Meine Antivirus-Empfehlung: Emsisoft Anti-Malware
insbesondere wenn du onlinebanking, einkäufe, sonstige zahlungsabwicklungen oder ähnlich wichtiges, wie zb berufliches machst, also sensible daten zu schützen sind, solltest du in sicherheitssoftware investieren.
vor dem aktivieren der lizenz die 30 tage testzeitraum ausnutzen.

kostenlos, aber eben nicht ganz so gut wäre avast zu empfehlen.
http://www.trojaner-board.de/110895-...antivirus.html

sag mir welches du nutzt, dann gebe ich konfigurationshinweise.
bitte dein bisheriges av deinstalieren
die folgende anleitung ist umfangreich, dass ist mir klar, sie sollte aber umgesetzt werden, da nur dann dein pc sicher ist. stelle so viele fragen wie nötig, ich arbeite gern alles mit dir durch!

http://www.trojaner-board.de/96344-a...-rechners.html
Starte bitte mit der Passage, Windows Vista und Windows 7
Bitte beginne damit, Windows Updates zu instalieren.
Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst.
Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist:
- Updates automatisch Instalieren,
- Täglich
- Uhrzeit wählen
- Bitte den gesammten rest anhaken, außer:
- detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist.
Klicke jetzt die Schaltfläche "OK"
Klicke jetzt "nach Updates suchen".
Bitte instaliere zunächst wichtige Updates.
Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren.
Mache das selbe bitte mit den optionalen Updates.
Bitte übernimm den rest so, wie es im Abschnitt windows 7 / Vista zu lesen ist.
aus dem Abschnitt xp, bitte den punkt "datenausführungsverhinderung, dep" übernehmen.
als browser rate ich dir zu chrome:
Installation von Google Chrome für mehrere Nutzerkonten - Google Chrome-Hilfe
anleitung lesen bitte
falls du nen andern nutzen willst, sags mir dann muss ich teile der nun folgenden anleitung


Sandboxie
Die devinition einer Sandbox ist hier nachzulesen:
Sandbox
Kurz gesagt, man kann Programme fast 100 %ig isuliert vom System ausführen.

Der Vorteil liegt klar auf der Hand, wenn über den Browser Schadcode eingeschläust wird, kann dieser nicht nach außen dringen.
Download Link:
Sandboxie Download - Sandboxie 3.72

anleitung:
http://www.trojaner-board.de/71542-a...sandboxie.html
ausführliche anleitung als pdf, auch abarbeiten:
Sandbox Einstellungen |

bitte folgende zusatz konfiguration machen:
sandboxie control öffnen, menü sandbox anklicken, defauldbox wählen.
dort klicke auf sandbox einstellungen.
beschrenkungen, bei programm start und internet zugriff schreibe:
chrome.exe
dann gehe auf anwendungen, webbrowser, chrome.
dort aktiviere alles außer gesammten profil ordner freigeben.
Wie du evtl. schon gesehen hast, kannst du einige Funktionen nicht nutzen.
Dies ist nur in der Vollversion nötig, zu deren Kauf ich dir rate.
Du kannst zb unter "Erzwungene Programmstarts" festlegen, dass alle Browser in der Sandbox starten.
Ansonsten musst du immer auf "Sandboxed webbrowser" klicken bzw Rechtsklick, in Sandboxie starten.
Eine lebenslange Lizenz kostet 30 €, und ist auf allen deinen PC's nutzbar.

Weiter mit:
Maßnahmen für ALLE Windows-Versionen
alles komplett durcharbeiten
anmerkung zu file hippo.
in den settings zusätzlich auswählen:
hide beta updates.
Run updateChecker when Windows starts

Backup Programm:
in meiner Anleitung ist bereits ein Backup Programm verlinkt, als Alternative bietet sich auch das Windows eigene Backup Programm an:
http://www.trojaner-board.de/82962-w...en-backup.html
Dies ist aber leider nur für Windows 7 Nutzer vernünftig nutzbar.
Alle Anderen sollten sich aber auf jeden fall auch ein Backup Programm instalieren, denn dies kann unter Umständen sehr wichtig sein, zum Beispiel, wenn die Festplatte einmal kaputt ist.

Zum Schluss, die allgemeinen sicherheitstipps beachten, wenn es dich betrifft, den Tipp zum Onlinebanking beachten und alle Passwörter ändern
bitte auch lesen, wie mache ich programme für alle sichtbar:
Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe
surfe jetzt also nur noch im standard nutzer konto und dort in der sandbox.
wenn du die kostenlose version nutzt, dann mit klick auf sandboxed web browser, wenn du die bezahlversion hast, kannst du erzwungene programm starts festlegen, dann wird sandboxie immer gestartet wenn du nen browser aufrufst.
wenn du mit der maus über den browser fährst sollte der eingerahmt sein, dann bist du im sandboxed web browser

passwort sicherheit:
jeder dienst benötigt ein eigenes, mindestens 12-stelliges passwort
bei der passwort verwaltung und erstellung hilft roboform
Passwort Manager, Formular Ausfueller, Passwort Management | RoboForm Passwort Manager
anleitung:
RoboForm-Bedienungsanleitung: Passwort-Manager, Verwalten von Passwörtern und persönlichen Daten


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:44 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55